13 matches found
EUVD-2025-34355
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally...
CVE-2025-48813
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally...
PT-2025-41996
Name of the Vulnerable Software and Affected Versions Versions prior to 2025 Description The use of a key after its expiration date within Virtual Secure Mode can allow a local attacker to perform spoofing. Recommendations At the moment, there is no information about a newer version that contains...
Flask 安全漏洞
Flask is a Python microframework for building web applications open-sourced by Pallets. A security vulnerability exists in Flask version 3.1.0 that stems from mishandling of the key fallback configuration, which could result in session signing with an expired key...
Use of a Key Past its Expiration Date
Overview Affected versions of this package are vulnerable to Use of a Key Past its Expiration Date in the CreateOIDCJWTProfileClient function, which doesn't sufficiently check token expiry times for Authorization Grants. An attacker can obtain valid access tokens by using an expired JWT key...
ZITADEL 安全漏洞
ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the container and serverless era, open sourced by ZITADEL in Switzerland. ZITADEL suffers from a security vulnerability that stems from an expired key that can be used to retrieve a token...
CVE-2024-6299 Use of a Key Past its Expiration Date in Conduit
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date...
CVE-2024-6299 Use of a Key Past its Expiration Date in Conduit
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date...
PT-2022-10190 · Philips · Philips Vue Pacs
Name of the Vulnerable Software and Affected Versions: Philips Vue PACS versions 12.2.x.x and prior Description: The issue concerns the use of a cryptographic key or password past its expiration date, which significantly diminishes safety by increasing the timing window for cracking attacks again...
Zulip code issue vulnerability
Zulip is a powerful open source group chat application from the Zulip team. Used to combine the immediacy of real-time chat with the productivity benefits of threaded conversations, Zulip suffers from a code issue vulnerability that stems from improper design or implementation during the code...
CVE-2019-10643
Contao 4.7 allows Use of a Key Past its Expiration Date...
Ubuntu: Security Advisory (USN-762-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...