python3-keylime (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package python3-keylime, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2026-1709 — CVSS 9.4 (critical): A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS)…
CVE-2025-13609 — CVSS 8.2 (high): A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted…
CVE-2023-38200 — CVSS 7.5 (high): A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL…
CVE-2023-38201 — CVSS 6.5 (medium): A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This…
CVE-2022-3500 — CVSS 5.1 (medium): A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there…
CVE-2023-3674 — CVSS 2.3 (low): A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's…