Vulnerabilities > Keylime > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-21 | CVE-2021-43310 | Authentication Bypass by Spoofing vulnerability in Keylime A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. | 9.8 |
| 2022-05-06 | CVE-2022-1053 | Improper Input Validation vulnerability in multiple products Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. | 9.1 |
| 2021-02-25 | CVE-2021-3406 | Improper Certificate Validation vulnerability in multiple products A flaw was found in keylime 5.8.1 and older. | 9.8 |