Description
The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.
Extended Description
While the expiration of keys does not necessarily ensure that they are compromised, it is a significant concern that keys which remain in use for prolonged periods of time have a decreasing probability of integrity. For this reason, it is important to replace keys within a period of time proportional to their strength.
CVE vulnerabilities with CWE-324 (20)
9.8
CVSS
CRITICAL
CVE-2024-36031
pub. 2024-05-30
8.7
CVSS
HIGH
CVE-2025-31123
pub. 2025-03-31
8.2
CVSS
HIGH
CVE-2021-33020
pub. 2022-04-01
8.1
CVSS
HIGH
CVE-2025-2291
pub. 2025-04-16
8.1
CVSS
HIGH
CVE-2022-35401
pub. 2023-01-10
6.8
CVSS
MEDIUM
CVE-2026-52809
pub. 2026-06-24
6.6
CVSS
MEDIUM
CVE-2022-2447
pub. 2022-09-01
6.5
CVSS
MEDIUM
CVE-2024-25679
pub. 2024-02-09
6.3
CVSS
MEDIUM
CVE-2025-33012
pub. 2025-11-07
6.3
CVSS
MEDIUM
CVE-2025-48813
pub. 2025-10-14
6.3
CVSS
MEDIUM
CVE-2022-24732
pub. 2022-03-09
6.1
CVSS
MEDIUM
CVE-2019-3790
pub. 2019-06-06
5.4
CVSS
MEDIUM
CVE-2024-38277
pub. 2024-06-18
5.3
CVSS
MEDIUM
CVE-2025-13723
pub. 2026-03-13
4.8
CVSS
MEDIUM
CVE-2024-7318
pub. 2024-09-09
4.8
CVSS
MEDIUM
CVE-2024-6299
pub. 2024-06-25
4.3
CVSS
MEDIUM
CVE-2024-31893
pub. 2024-05-22
4.3
CVSS
MEDIUM
CVE-2024-31894
pub. 2024-05-22
4.3
CVSS
MEDIUM
CVE-2024-31895
pub. 2024-05-22
4.1
CVSS
MEDIUM
CVE-2023-5342
pub. 2025-08-14