CWE-298 — Improper Validation of Certificate Expiration
6 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-298
- CVE-2023-42446 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-09-18
Pow is an authentication and user management solution for Phoenix and Plug-based apps. Starting in version 1.0.14 and prior to version 1.0.34, use of `Pow.Store.Backend.MnesiaCache` is susceptible to session hijacking as expired keys are no…
- CVE-2025-4384 | MEDIUM | CVSS 6.0 | EG 0.0 | 2025-05-06
The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices to present certificates that are not rejected properly. The use of a client c…
- CVE-2025-59036 | MEDIUM | CVSS 5.5 | EG 5.5 | 2025-09-09
Infrahub offers a central hub to manage data, templates, and playbooks. Prior to versions 1.3.9 and 1.4.5, a bug in the authentication logic will cause API tokens that were deleted and/or expired to be considered valid. This means that any…
- CVE-2025-61736 | HIGH | CVSS 7.1 | EG 0.0 | 2025-12-17
Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.
- CVE-2025-67108 | CRITICAL | CVSS 10.0 | EG 10.0 | 2025-12-23
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
- CVE-2025-67109 | CRITICAL | CVSS 10.0 | EG 10.0 | 2025-12-23
Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.