CVE-2025-1057

MEDIUM Year: 2025
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-704
View all →

Vulnerability Description

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail.

Related Vulnerabilities

CVE-2016-7156

MEDIUM
CVSS:4.4(Medium)

The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leve...

CWE-7042016

CVE-2024-2606

LOW
CVSS:3.7(Low)

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.

CWE-7042024

CVE-2018-18386

LOW
CVSS:3.3(Low)

drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC ver...

CWE-7042018

CVE-2024-36735

MEDIUM
CVSS:5.3(Medium)

OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.

CWE-7042024

CVE-2017-13855

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "...

CWE-7042017

CVE-2021-23566

MEDIUM
CVSS:5.5(Medium)

The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

CWE-7042021