Latest version: v7.10.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2023-38201 | 64649 |
Keylime 7.5.0 resolves the CVE-2023-38201 vulnerability. This vulnera… |
|
MEDIUM | 6.5 |
| CVE-2023-38200 | 64650 |
Keylime 7.4.0 resolves the CVE-2023-38200 vulnerability. This vulnera… |
|
HIGH | 7.5 |
| PVE-2024-99899 | 64991 |
An issue was identified in the keylime attestation verifier, which er… |
|
- | - |
| CVE-2022-23949 | 62592 |
In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue a… |
|
HIGH | 7.5 |
| CVE-2022-23952 | 62595 |
In Keylime before 6.3.0, current keylime installer installs the keyli… |
|
HIGH | 7.5 |
| CVE-2022-23950 | 62593 |
In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path f… |
|
HIGH | 7.5 |
| CVE-2022-23948 | 62523 |
A flaw was found in Keylime before 6.3.0. The logic in the Keylime ag… |
|
HIGH | 7.5 |
| CVE-2022-23951 | 62594 |
In Keylime before 6.3.0, quote responses from the agent can contain p… |
|
MEDIUM | 5.5 |
| CVE-2021-43310 | 62685 |
A vulnerability in Keylime before 6.3.0 allows an attacker to craft a… |
|
CRITICAL | 9.8 |
| CVE-2021-3406 | 62640 |
A flaw was found in keylime versions 5.8.1 and earlier. The issue in … |
|
CRITICAL | 9.8 |
| CVE-2022-3500 | 54579 |
### Impact This vulnerability creates a false sense of security for … |
|
MEDIUM | 5.1 |
| CVE-2022-1053 | 54441 |
Keylime does not enforce that the agent registrar data is the same wh… |
|
CRITICAL | 9.1 |