Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
6 May 2022
5 May 2022
How to fix?
keylime to version 6.4.0 or higher.
keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud
Affected versions of this package are vulnerable to Improper Input Validation in
Verifier which does not use the same registrar data. It allows an attacker to use one
EK pair from a real
TPM to pass
EK validation and give the verifier an
AK of a software