Security: keylime/keylime
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0GHSA-9jxq-5x44-gx23 published
Feb 14, 2025 by ansasakiModerate -
Registrar vulnerable to Denial-of-service attack via a single open connectionGHSA-pg75-v6fp-8q59 published
Aug 1, 2023 by maugustosilvaModerate -
Challenge-response protocol between Registrar and (untrusted) Agent can be bypassed by an attackerGHSA-f4r5-q63f-gcww published
Aug 23, 2023 by maugustosilvaHigh -
Keylime: unhandled exceptions could lead to invalid attestation statesGHSA-hff2-x2j9-gxgv published
Oct 27, 2022 by mpetersModerate -
Tenant and Verifier might not use the same registrar dataGHSA-jf66-3q76-h5p5 published
May 4, 2022 by mpetersModerate -
Keylime: The keylime.conf file installed as world-readableGHSA-fchm-5w2v-qfm8 published
Jan 27, 2022 by mpetersHigh -
Keylime: Quote responses subject to Zip bomb attacksGHSA-6xx7-m45w-76m2 published
Jan 27, 2022 by mpetersHigh -
Keylime: Revocation Notifier's UNIX unprivileged domain socket which can allow DOSGHSA-9r9r-f8xc-m875 published
Jan 27, 2022 by mpetersHigh -
Keylime: Unsanitized UUIDs can lead to log spoofingGHSA-87gh-qc28-j9mm published
Jan 27, 2022 by mpetersHigh -
Keylime: Secure mount logic can leak sensitive dataGHSA-wj36-qcfg-5j52 published
Jan 27, 2022 by mpetersHigh
Learn more about advisories related to keylime/keylime in the GitHub Advisory Database