Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi keylime Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1mNHI1LXE2M2YtZ2N3d84AA1uk
Keylime registrar and (untrusted) Agent can be bypassed by an attacker
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Low
GSA_kwCzR0hTQS1nNHdnLWNmcGYtOTY4Oc4AA0zn
keylime fails to flag device as untrusted when signature does not validate
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
High
GSA_kwCzR0hTQS1wZzc1LXY2ZnAtOHE1Oc4AA0_Q
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Critical
GSA_kwCzR0hTQS1qZjY2LTNxNzYtaDVwNc3jTg
Tenant and Verifier might not use the same registrar data
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Statistics
Advisories: 18,400
Packages: 8,303
Repositories: 1
Ecosystems: 12
Filter by Severity
Moderate 7,949 High 6,364 Critical 2,810 Low 986
Filter by Ecosystem
maven 5,534 packagist 3,815 pypi 3,727 npm 3,546 go 1,899 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 django 80 apache-airflow 78 ansible 63 salt 50 apache-superset 49 Plone 45 plone 43 rdiffweb 42 Pillow 41 vyper 38 matrix-synapse 35 mlflow 31 opencv-contrib-python 30 opencv-python 30 Django 27 moin 23 langchain 18 PaddlePaddle 17 mercurial 17 cobbler 17 pillow 16 gradio 15 nova 15 paddlepaddle 15 cryptography 15 notebook 15 modoboa 14 pyftpdlib 14 keystone 14 pyload-ng 14 neutron 13 OctoPrint 12 vantage6 12 glance 11 urllib3 11 calibreweb 11 twisted 11 onionshare-cli 11 aiohttp 11 wagtail 10 Flask-AppBuilder 10 trytond 10 zope 9 opencv-contrib-python-headless 9 opencv-python-headless 9 Zope 9 ryu 9 waitress 9 kiwitcms 9 ethyca-fides 9 roundup 8 trac 8 numpy 8 nautobot 8 python-keystoneclient 8 label-studio 8 aubio 8 jupyter-server 7 swift 7 scrapy 7 matrix-sydent 7 pysaml2 7 ipython 7 pgadmin4 7 lief 7 pip 7 apache-airflow-providers-apache-hive 6 graphite-web 6 horizon 6 lxml 6 tuf 6 sentry 6 mindsdb 6 web2py 6 mailman 6 Zope2 6 inventree 6 lmdb 5 python-gnupg 5 feedparser 5 Jinja2 5 paramiko 5 whoogle-search 5 requests 5 Products.CMFPlone 5 ckan 5 bleach 5 cinder 5 pyspark 5 saleor 5 httpie 4 grpc 4 grpcio 4 oauthenticator 4 tornado 4 keylime 4 nvflare 4 PyPDF2 4 starlette 4 FreeTAKServer-UI 4 ansible-core 4 datasette 4 transformers 4 markdown2 4 reportlab 4 qutebrowser 4 nltk 4 yt-dlp 4 Pygments 4 jupyterhub 4 werkzeug 4 buildbot 4 Flask-Security-Too 4 omero-web 4 Werkzeug 4 esphome 4 GitPython 4 bottle 4 tripleo-heat-templates 4 Radicale 4 awsiotsdk 4 jwcrypto 4 pretix 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 sosreport 3 bitlyshortener 3 localstack 3 indico 3 Moin 3 poetry 3 pywasm3 3 sickrage 3 onnx 3 gerapy 3 plone.supermodel 3 protobuf 3 plone.app.dexterity 3 plone.app.theming 3 plone.app.event 3 httplib2 3 apache-libcloud 3 ray 3 django-helpdesk 3 ecdsa 3 zenml 3 asyncssh 3 ajenti 3 barbican 3 pyarrow 3 python-jose 3 changedetection.io 3 fava 3 sanic 3 rsa 3 Products.PluggableAuthService 3 sqlparse 3 apache-iotdb 3 asyncua 3 wger 3 keyring 3 Mezzanine 3 jupyterlab 3 flask 3 dulwich 3 pycrypto 3 homeassistant 3 aim 3 indy-node 3 octavia 3 mistune 3 slixmpp 3 apache-airflow-providers-apache-spark 3 ujson 3 copyparty 3 streamlit 3 clearml 3 torchserve 3 docassemble.webapp 3 Weblate 3 pyyaml 3 SQLAlchemy 3 quokka 3 openvpn-monitor 3 Keystone 3 mayan-edms 3 pandasai 3 ansible-runner 3 mitmproxy 3 io.grpc:grpc-protobuf 3 zope2 2 djblets 2 ubi-reader 2 wagtail-2fa 2 Products.CMFCore 2 jinja2 2 untangle 2
Filter by Repository
https://github.com/keylime/keylime 4