4 matches found
CVE-2022-23951
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...
CVE-2022-23951
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...
CVE-2022-23951
Keylime before 6.3.0 is affected: the agent’s quote responses may contain untrusted ZIP data, enabling zip bomb scenarios. Concrete details across sources confirm the vulnerable component/version and the impact (zip bombs) and advise upgrading to 6.3.0+ as the remediation. Open-source advisories ...
CVE-2022-23951
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...