Lucene search
Veracode Vulnerability DatabaseVERACODE:37831HistoryNov 08, 2022 - 3:14 a.m.
Denial Of Service (DoS)
2022-11-0803:14:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
keylime vulnerability
denial of service
exception handling
tornado_requests
attacker
malicious input
application crash
EPSS
0.001
Percentile
35.3%
keylime is vulnerable to denial of service. The vulnerability is due to a lack of proper exception handling in the request function of tornado_requests.py which allows an attacker to crash the application via malicious input.
References
access.redhat.com/security/cve/cve-2022-3500
github.com/keylime/keylime/commit/f969d397f92962b553f8c5bcbbeeb3bbdeca9456
github.com/keylime/keylime/pull/1128
lists.fedoraproject.org/archives/list/[email protected]/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/
lists.fedoraproject.org/archives/list/[email protected]/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/
lists.fedoraproject.org/archives/list/[email protected]/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/
Related
openvas
openvas
Fedora: Security Advisory for keylime (FEDORA-2022-8ad3246cc0)
2022-12-19 00:00:00
Fedora: Security Advisory for keylime (FEDORA-2022-7a312cde45)
2022-12-19 00:00:00
Fedora: Security Advisory for keylime (FEDORA-2022-5a6ed3607d)
2022-12-11 00:00:00
nessus
nessus
Fedora 36 : keylime (2022-8ad3246cc0)
2022-12-23 00:00:00
RHEL 9 : keylime (RHSA-2022:8444)
2022-11-16 00:00:00
Rocky Linux 9 : keylime (RLSA-2022:8444)
2023-11-06 00:00:00
oraclelinux
oraclelinux
keylime security update
2022-11-24 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: keylime-6.4.3-2.fc35
2022-12-11 01:48:21
[SECURITY] Fedora 37 Update: keylime-6.4.3-5.fc37
2022-12-19 01:16:22
[SECURITY] Fedora 36 Update: keylime-6.4.3-2.fc36
2022-12-19 01:18:15
cve
cve
CVE-2022-3500
2022-11-22 19:15:17
osv
osv
PYSEC-2022-42995
2022-11-22 19:15:00
Moderate: keylime security update
2022-11-15 15:35:49
Moderate: keylime security update
2022-11-15 00:00:00
cvelist
cvelist
CVE-2022-3500
2022-11-22 00:00:00
almalinux
almalinux
Moderate: keylime security update
2022-11-15 00:00:00
github
github
Keylime: unhandled exceptions could lead to invalid attestation states
2022-10-28 19:19:42
prion
prion
Design/Logic Flaw
2022-11-22 19:15:00
rocky
rocky
keylime security update
2022-11-15 15:35:49
redhatcve
redhatcve
CVE-2022-3500
2022-10-29 00:16:47
redhat
redhat
(RHSA-2022:8444) Moderate: keylime security update
2022-11-15 15:35:49
nvd
nvd
CVE-2022-3500
2022-11-22 19:15:17