Lucene search
K

5 matches found

Snyk
Snyk
added 2025/02/14 6:3 p.m.2 views

Improper Validation of Specified Type of Input

Overview keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to the registrar process. An attacker can cause the application to fail by populating the...

5.1CVSS6.9AI score0.00365EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.8 views

PT-2025-6825

Name of the Vulnerable Software and Affected Versions Keylime versions 7.8.0 through 7.12.0 Description The issue arises from the Keylime registrar implementing stricter type checking in version 7.12.0, causing it to reject data formats previously stored in the database by versions 7.8.0 and late...

4.3CVSS5.8AI score0.00365EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2023/11/11 12:0 a.m.18 views

Fedora 38 : keylime (2023-ed9922536e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ed9922536e advisory. Backport upstream fixes - Fixes: CVE-2023-38200 - Fixes: CVE-2023-38201 Tenable has extracted the preceding description block directly from the Fedo...

7.5CVSS6.8AI score0.01142EPSS
Exploits0References3
NVD
NVD
added 2023/08/25 5:15 p.m.35 views

CVE-2023-38201

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimat...

6.5CVSS6.5AI score0.00463EPSS
Exploits0References6
OSV
OSV
added 2023/08/25 5:15 p.m.28 views

CVE-2023-38201

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimat...

6.5CVSS6.9AI score0.00463EPSS
Exploits0References6
Rows per page
Query Builder