Количество 9
Количество 9
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
openSUSE-SU-2026:20398-1
Security update for keylime
RLSA-2026:2225
Critical: keylime security update
RLSA-2026:2224
Critical: keylime security update
GHSA-4jqp-9qjv-57m2
Keylime Missing Authentication for Critical Function and Improper Authentication
ELSA-2026-2225
ELSA-2026-2225: keylime security update (CRITICAL)
ELSA-2026-2224
ELSA-2026-2224: keylime security update (CRITICAL)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | 2 месяца назад |
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | 2 месяца назад |
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | 2 месяца назад |
 | openSUSE-SU-2026:20398-1 Security update for keylime | 0% Низкий | 29 дней назад | |
 | RLSA-2026:2225 Critical: keylime security update | 0% Низкий | 2 месяца назад | |
| RLSA-2026:2224 Critical: keylime security update | 0% Низкий | 2 месяца назад | |
| GHSA-4jqp-9qjv-57m2 Keylime Missing Authentication for Critical Function and Improper Authentication | CVSS3: 9.4 | 0% Низкий | 2 месяца назад |
| ELSA-2026-2225 ELSA-2026-2225: keylime security update (CRITICAL) | 2 месяца назад | ||
| ELSA-2026-2224 ELSA-2026-2224: keylime security update (CRITICAL) | 2 месяца назад |
Уязвимостей на страницу