Vulnerabilities > Keylime > Keylime > 6.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-25 | CVE-2023-38201 | A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. | 6.5 |
2023-07-19 | CVE-2023-3674 | A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. | 2.8 |
2022-11-22 | CVE-2022-3500 | Uncaught Exception vulnerability in multiple products A vulnerability was found in keylime. | 5.1 |
2022-05-06 | CVE-2022-1053 | Improper Input Validation vulnerability in multiple products Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. | 9.1 |