The 2020 and 10th edition of the Red Hat ® Product Security risk report is an overview of security vulnerabilities that impacted Red Hat products for the 2020 calendar year. In this report, security vulnerabilities publicly announced throughout the last calendar year and the data and metrics produced for these vulnerabilities across all of our portfolios are reviewed. High-impact, high-proﬁle events that aﬀected Red Hat oﬀerings and deserve more attention than many of the others are also reviewed.
In this report, the product means a Red Hat oﬀering listed at https://access.redhat.com/products and the associated version(s) available in 2020. All security-related issues that impact one of those products are documented and assigned a Common Vulnerabilities and Exposures (CVE) identiﬁer and a Red Hat severity rating by our Red Hat Product Security team. Red Hat Product Security includes Red Hat’s Product Security and Incident Response Team (PSIRT) that has been serving Red Hat, our subscribers, communities, and partners since September 2001.