Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:keylime:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Keylime (987e2e2c-9858-5430-beae-178e00d25328) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-3500 |
vulnerable | 2026-06-08 05:48:21.291961 |
Details available
A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.
Published: 2022-11-22T00:00:00.000Z
Updated: 2025-04-29T04:27:39.253Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23952 |
vulnerable | 2026-06-08 05:40:59.379629 |
Details available
In Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable.
Published: 2022-09-21T18:25:13.000Z
Updated: 2025-05-22T18:31:00.234Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23951 |
vulnerable | 2026-06-08 05:40:59.379174 |
Details available
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.
Published: 2022-09-21T18:25:07.000Z
Updated: 2025-05-27T20:16:04.351Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23950 |
vulnerable | 2026-06-08 05:40:59.378738 |
Details available
In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations.
Published: 2022-09-21T18:25:02.000Z
Updated: 2025-05-27T20:34:06.188Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23949 |
vulnerable | 2026-06-08 05:40:59.378280 |
Details available
In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.
Published: 2022-09-21T18:23:47.000Z
Updated: 2025-05-27T20:34:51.145Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23948 |
vulnerable | 2026-06-08 05:40:59.376916 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-1053 |
vulnerable | 2026-06-08 05:39:12.071037 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-43310 |
vulnerable | 2026-06-08 05:36:43.138881 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3406 |
vulnerable | 2026-06-08 05:33:51.270571 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.