rpm package
almalinux/keylime-tools
pkg:rpm/almalinux/keylime-tools
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-1709 | — | < 7.12.1-11.el10_1.4 | 7.12.1-11.el10_1.4 | Feb 6, 2026 | A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, | ||
| CVE-2025-13609 | Hig | 8.2 | < 7.12.1-11.el10_1.3 | 7.12.1-11.el10_1.3 | Nov 24, 2025 | A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identi |
- CVE-2026-1709Feb 6, 2026affected < 7.12.1-11.el10_1.4fixed 7.12.1-11.el10_1.4
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations,
- affected < 7.12.1-11.el10_1.3fixed 7.12.1-11.el10_1.3
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identi