—

PYSEC-2022-42995

상세

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / keylime

최초 영향 버전: 0 수정 버전: 6.5.1

수정 pip install --upgrade 'keylime>=6.5.1'

참고

https://github.com/keylime/keylime/pull/1128 [WEB]
https://access.redhat.com/security/cve/CVE-2022-3500 [WEB]