Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Micro 5.4 package rust-keylime, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2024-12224 — CVSS 8.8 (high): Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode…
CVE-2023-26964 — CVSS 7.5 (high): An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a…
CVE-2024-32650 — CVSS 7.5 (high): Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network…
CVE-2026-25727 — CVSS 6.5 (medium): time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses…
CVE-2024-43806 — CVSS 6.5 (medium): Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `rustix::fs::Dir` using the `linux_raw` backend, it's possible for the…
CVE-2025-58266 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fumiki Takahashi Gianism gianism…
CVE-2025-55159: slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were…
CVE-2025-3416 — CVSS 3.7 (low): A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free…