Our Linux Sys Admin made the following statement below. How do you deal with that?
A great majority (discovered vulnerabilities) of these can be immediately crossed off because of [Security Backporting Practice - Red Hat Customer Portal]
Basically, a security scanner wants to see version “1234” but RHEL uses a backported version “123-4”. It’s got all the same security patches but carries a different version number because RHEL (and pretty much everyone else in the enterprise space) backports to keep features stable.