Vulnerability Database
296,760
Total vulnerabilities in the database
CVE-2022-3500
A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.
| Software | From | Fixed in |
|---|---|---|
| keylime / keylime | - | 6.5.1 |
| redhat / enterprise_linux | 9.0 | 9.0.x |
| fedoraproject / fedora | 35 | 35.x |
| fedoraproject / fedora | 36 | 36.x |
| fedoraproject / fedora | 37 | 37.x |
keylime
|
- | 6.5.1 |
- https://access.redhat.com/security/cve/CVE-2022-3500
- https://github.com/keylime/keylime/pull/1128
- https://github.com/keylime/keylime/pull/1128/files
- https://github.com/keylime/keylime/security/advisories/GHSA-hff2-x2j9-gxgv
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime