Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/keylime@6.4.2

Type pypi

Namespace

Name keylime

Version 6.4.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 7.12.2

Latest_non_vulnerable_version 7.14.2

Affected_by_vulnerabilities

url VCID-8d4d-11cy-6bhu

vulnerability_id VCID-8d4d-11cy-6bhu

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1709.json

reference_id

reference_type

scores

value	9.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1709.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-1709

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.08111
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-1709

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2026-74.yaml

reference_id

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2026-74.yaml

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url

https://access.redhat.com/security/cve/CVE-2026-1709

reference_id

CVE-2026-1709

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:38:04Z/

url

https://access.redhat.com/security/cve/CVE-2026-1709

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-1709

reference_id

CVE-2026-1709

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-1709

reference_url

https://github.com/advisories/GHSA-4jqp-9qjv-57m2

reference_id

GHSA-4jqp-9qjv-57m2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4jqp-9qjv-57m2

reference_url

https://github.com/keylime/keylime/security/advisories/GHSA-4jqp-9qjv-57m2

reference_id

GHSA-4jqp-9qjv-57m2

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/security/advisories/GHSA-4jqp-9qjv-57m2

reference_url

https://access.redhat.com/errata/RHSA-2026:2224

reference_id

RHSA-2026:2224

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:38:04Z/

url

https://access.redhat.com/errata/RHSA-2026:2224

reference_url

https://access.redhat.com/errata/RHSA-2026:2225

reference_id

RHSA-2026:2225

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:38:04Z/

url

https://access.redhat.com/errata/RHSA-2026:2225

reference_url

https://access.redhat.com/errata/RHSA-2026:2298

reference_id

RHSA-2026:2298

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:38:04Z/

url

https://access.redhat.com/errata/RHSA-2026:2298

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2435514

reference_id

show_bug.cgi?id=2435514

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-06T19:38:04Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2435514

fixed_packages

url pkg:pypi/keylime@7.12.0

purl pkg:pypi/keylime@7.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6hnx-8kad-k3bq

vulnerability	VCID-8d4d-11cy-6bhu

vulnerability	VCID-brgm-zehf-sqfc

vulnerability	VCID-us59-3kjb-ukd6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.12.0

url	pkg:pypi/keylime@7.12.2
purl	pkg:pypi/keylime@7.12.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.12.2

url	pkg:pypi/keylime@7.13.1
purl	pkg:pypi/keylime@7.13.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.13.1

aliases CVE-2026-1709, GHSA-4jqp-9qjv-57m2, PYSEC-2026-74

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8d4d-11cy-6bhu

url VCID-ejrx-6qht-ryar

vulnerability_id VCID-ejrx-6qht-ryar

summary A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3674.json

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3674.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3674

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08426
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3674

reference_url

https://github.com/advisories/GHSA-g4wg-cfpf-9689

reference_id

reference_type

scores

value	2.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g4wg-cfpf-9689

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-128.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-128.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-3674

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-3674

reference_url

https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db

reference_id

95ce3d86bd2c53009108ffda2dcf553312d733db

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	2.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:58:02Z/

url

https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url

https://access.redhat.com/security/cve/CVE-2023-3674

reference_id

CVE-2023-3674

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	2.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:58:02Z/

url

https://access.redhat.com/security/cve/CVE-2023-3674

reference_url

https://access.redhat.com/errata/RHSA-2024:1139

reference_id

RHSA-2024:1139

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:58:02Z/

url

https://access.redhat.com/errata/RHSA-2024:1139

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2222903

reference_id

show_bug.cgi?id=2222903

reference_type

scores

value	2.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

value	2.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:58:02Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2222903

fixed_packages

url pkg:pypi/keylime@7.2.5

purl pkg:pypi/keylime@7.2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8d4d-11cy-6bhu

vulnerability	VCID-ejrx-6qht-ryar

vulnerability	VCID-nz8y-qzfd-tbbm

vulnerability	VCID-sgky-ahtw-x3b6

vulnerability	VCID-us59-3kjb-ukd6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.2.5

aliases CVE-2023-3674, GHSA-g4wg-cfpf-9689, PYSEC-2023-128

risk_score 1.2

exploitability 0.5

weighted_severity 2.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejrx-6qht-ryar

url VCID-fxa9-989d-wbaj

vulnerability_id VCID-fxa9-989d-wbaj

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3500.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3500.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3500

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.30112
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3500

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/keylime/keylime/commit/f969d397f92962b553f8c5bcbbeeb3bbdeca9456

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/commit/f969d397f92962b553f8c5bcbbeeb3bbdeca9456

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2022-42995.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2022-42995.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z

reference_url

https://github.com/keylime/keylime/pull/1128

reference_id

1128

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:27:15Z/

url

https://github.com/keylime/keylime/pull/1128

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2135343
reference_id	2135343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2135343

reference_url

https://access.redhat.com/security/cve/CVE-2022-3500

reference_id

CVE-2022-3500

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:27:15Z/

url

https://access.redhat.com/security/cve/CVE-2022-3500

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-3500

reference_id

CVE-2022-3500

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-3500

reference_url

https://github.com/advisories/GHSA-hff2-x2j9-gxgv

reference_id

GHSA-hff2-x2j9-gxgv

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hff2-x2j9-gxgv

reference_url

https://github.com/keylime/keylime/security/advisories/GHSA-hff2-x2j9-gxgv

reference_id

GHSA-hff2-x2j9-gxgv

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/security/advisories/GHSA-hff2-x2j9-gxgv

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/

reference_id

PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:27:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/

reference_id

QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:27:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/

reference_url	https://access.redhat.com/errata/RHSA-2022:8444
reference_id	RHSA-2022:8444
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8444

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/

reference_id

ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:27:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/

fixed_packages

url pkg:pypi/keylime@6.5.1

purl pkg:pypi/keylime@6.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8d4d-11cy-6bhu

vulnerability	VCID-ejrx-6qht-ryar

vulnerability	VCID-nz8y-qzfd-tbbm

vulnerability	VCID-sgky-ahtw-x3b6

vulnerability	VCID-us59-3kjb-ukd6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@6.5.1

aliases CVE-2022-3500, GHSA-hff2-x2j9-gxgv, PYSEC-2022-42995

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fxa9-989d-wbaj

url VCID-nz8y-qzfd-tbbm

vulnerability_id VCID-nz8y-qzfd-tbbm

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38200.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38200

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49812
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/keylime/keylime/commit/c68d8f0b7ea549c12b6956ab0f3c28ae0360ae17

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/commit/c68d8f0b7ea549c12b6956ab0f3c28ae0360ae17

reference_url

https://github.com/keylime/keylime/releases/tag/v7.4.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/releases/tag/v7.4.0

reference_url

https://github.com/keylime/keylime/security/advisories/GHSA-pg75-v6fp-8q59

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/security/advisories/GHSA-pg75-v6fp-8q59

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-38200

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-38200

reference_url

https://github.com/keylime/keylime/pull/1421

reference_id

1421

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T17:38:02Z/

url

https://github.com/keylime/keylime/pull/1421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url

https://access.redhat.com/security/cve/CVE-2023-38200

reference_id

CVE-2023-38200

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T17:38:02Z/

url

https://access.redhat.com/security/cve/CVE-2023-38200

reference_url

https://github.com/advisories/GHSA-pg75-v6fp-8q59

reference_id

GHSA-pg75-v6fp-8q59

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pg75-v6fp-8q59

reference_url

https://access.redhat.com/errata/RHSA-2023:5080

reference_id

RHSA-2023:5080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T17:38:02Z/

url

https://access.redhat.com/errata/RHSA-2023:5080

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2222692

reference_id

show_bug.cgi?id=2222692

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-26T17:38:02Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2222692

fixed_packages

url pkg:pypi/keylime@7.4.0

purl pkg:pypi/keylime@7.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8d4d-11cy-6bhu

vulnerability	VCID-sgky-ahtw-x3b6

vulnerability	VCID-us59-3kjb-ukd6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.4.0

aliases CVE-2023-38200, GHSA-pg75-v6fp-8q59

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nz8y-qzfd-tbbm

url VCID-sgky-ahtw-x3b6

vulnerability_id VCID-sgky-ahtw-x3b6

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38201.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38201.json

reference_url

https://access.redhat.com/security/cve/CVE-2023-38201

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2023-38201

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38201

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06739
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38201

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2222693

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2222693

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a

reference_url

https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-160.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-160.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-38201

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-38201

reference_url

https://github.com/advisories/GHSA-f4r5-q63f-gcww

reference_id

GHSA-f4r5-q63f-gcww

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f4r5-q63f-gcww

reference_url

https://access.redhat.com/errata/RHSA-2023:5080

reference_id

RHSA-2023:5080

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2023:5080

fixed_packages

url pkg:pypi/keylime@7.5.0

purl pkg:pypi/keylime@7.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8d4d-11cy-6bhu

vulnerability	VCID-us59-3kjb-ukd6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.5.0

aliases CVE-2023-38201, GHSA-f4r5-q63f-gcww, PYSEC-2023-160

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgky-ahtw-x3b6

url VCID-us59-3kjb-ukd6

vulnerability_id VCID-us59-3kjb-ukd6

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13609.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13609.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-13609

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.26228
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-13609

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/keylime/keylime

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime

reference_url

https://github.com/keylime/keylime/commit/e1ae8de1f7b1385eaeec66572a92ff1338e6e157

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/commit/e1ae8de1f7b1385eaeec66572a92ff1338e6e157

reference_url

https://github.com/keylime/keylime/pull/1785

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/pull/1785

reference_url

https://github.com/keylime/keylime/releases/tag/v7.13.0

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/keylime/keylime/releases/tag/v7.13.0

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2025-77.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2025-77.yaml

reference_url

https://github.com/keylime/keylime/issues/1820

reference_id

1820

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://github.com/keylime/keylime/issues/1820

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url

https://access.redhat.com/security/cve/CVE-2025-13609

reference_id

CVE-2025-13609

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/security/cve/CVE-2025-13609

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-13609

reference_id

CVE-2025-13609

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-13609

reference_url

https://github.com/advisories/GHSA-xh5w-g8gq-r3v9

reference_id

GHSA-xh5w-g8gq-r3v9

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xh5w-g8gq-r3v9

reference_url

https://access.redhat.com/errata/RHSA-2025:23201

reference_id

RHSA-2025:23201

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2025:23201

reference_url

https://access.redhat.com/errata/RHSA-2025:23210

reference_id

RHSA-2025:23210

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2025:23210

reference_url

https://access.redhat.com/errata/RHSA-2025:23628

reference_id

RHSA-2025:23628

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2025:23628

reference_url

https://access.redhat.com/errata/RHSA-2025:23735

reference_id

RHSA-2025:23735

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2025:23735

reference_url

https://access.redhat.com/errata/RHSA-2025:23852

reference_id

RHSA-2025:23852

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2025:23852

reference_url

https://access.redhat.com/errata/RHSA-2026:0429

reference_id

RHSA-2026:0429

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://access.redhat.com/errata/RHSA-2026:0429

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2416761

reference_id

show_bug.cgi?id=2416761

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-24T19:00:14Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2416761

fixed_packages

url pkg:pypi/keylime@7.13.0

purl pkg:pypi/keylime@7.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6hnx-8kad-k3bq

vulnerability	VCID-8d4d-11cy-6bhu

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@7.13.0

aliases CVE-2025-13609, GHSA-xh5w-g8gq-r3v9, PYSEC-2025-77

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-us59-3kjb-ukd6

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keylime@6.4.2

Package Instance