CVE-2024-13454

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-13454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-13454.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-13454
Downstream
Published
2025-01-20T21:15:21.453Z
Modified
2026-04-10T05:08:07.676584Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3

References

Affected packages

Git / github.com/openvpn/easy-rsa

Affected ranges

Type
GIT
Repo
https://github.com/openvpn/easy-rsa
Events
Introduced
4152244bae2101018410df952e0bc00049947f8a
Last affected
3c233d279d43e419b0529411ee62bba7a08f0c0f
Database specific 
{
    "versions": [
        {
            "introduced": "3.0.5"
        },
        {
            "last_affected": "3.1.7"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-13454.json"