vulnerability
SUSE: CVE-2022-23951: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:N/I:N/A:C) | Sep 21, 2022 | Oct 26, 2022 | Jan 28, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published
Sep 21, 2022
Added
Oct 26, 2022
Modified
Jan 28, 2025
Description
In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.
Solutions
suse-upgrade-keylime-agentsuse-upgrade-keylime-configsuse-upgrade-keylime-firewalldsuse-upgrade-keylime-logrotatesuse-upgrade-keylime-registrarsuse-upgrade-keylime-tpm_cert_storesuse-upgrade-keylime-verifiersuse-upgrade-python3-keylime
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.