Количество 8
Количество 8
GHSA-4jqp-9qjv-57m2
Keylime Missing Authentication for Critical Function and Improper Authentication
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
RLSA-2026:2225
Critical: keylime security update
RLSA-2026:2224
Critical: keylime security update
ELSA-2026-2225
ELSA-2026-2225: keylime security update (CRITICAL)
ELSA-2026-2224
ELSA-2026-2224: keylime security update (CRITICAL)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-4jqp-9qjv-57m2 Keylime Missing Authentication for Critical Function and Improper Authentication | CVSS3: 9.4 | 0% Низкий | около 2 месяцев назад |
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | около 2 месяцев назад |
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | около 2 месяцев назад |
 | CVE-2026-1709 A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. | CVSS3: 9.4 | 0% Низкий | около 2 месяцев назад |
 | RLSA-2026:2225 Critical: keylime security update | 0% Низкий | около 2 месяцев назад | |
| RLSA-2026:2224 Critical: keylime security update | 0% Низкий | около 2 месяцев назад | |
| ELSA-2026-2225 ELSA-2026-2225: keylime security update (CRITICAL) | около 2 месяцев назад | ||
| ELSA-2026-2224 ELSA-2026-2224: keylime security update (CRITICAL) | около 2 месяцев назад |
Уязвимостей на страницу