keylime (SUSE:Linux Enterprise Module for Basesystem 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP4 package keylime, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-1053 — CVSS 9.1 (critical): Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and…
CVE-2023-38200 — CVSS 7.5 (high): A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL…
CVE-2022-31250 — CVSS 7.1 (high): A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the…
CVE-2023-38201 — CVSS 6.5 (medium): A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This…
CVE-2022-3500 — CVSS 5.1 (medium): A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there…