VYPR

rpm package

almalinux/keylime-tools

pkg:rpm/almalinux/keylime-tools

Vulnerabilities (2)

  • CVE-2026-1709Feb 6, 2026
    affected < 7.12.1-11.el10_1.4fixed 7.12.1-11.el10_1.4

    A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations,

  • CVE-2025-13609HigNov 24, 2025
    affected < 7.12.1-11.el10_1.3fixed 7.12.1-11.el10_1.3

    A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identi