CVE-2023-37920
Summary
| CVE | CVE-2023-37920 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-07-25 21:15:00 UTC |
|---|
| Updated | 2023-08-12 06:16:00 UTC |
|---|
| Description | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 38 Update: mingw-python-certifi-2023.7.22-1.fc38 - package-announce - Fedora Mailing-Lists |
MISC |
lists.fedoraproject.org |
|
| Review of e-Tugra's Inclusion in Mozilla’s Root Store |
MISC |
groups.google.com |
|
| Removal of e-Tugra root certificate · Advisory · certifi/python-certifi · GitHub |
MISC |
github.com |
|
| 2023.07.22 · certifi/python-certifi@8fb96ed · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161247 Oracle Enterprise Linux Security Update for fence-agents (ELSA-2023-7753)
- 161278 Oracle Enterprise Linux Security Update for fence-agents (ELSA-2024-0133)
- 242345 Red Hat Update for fence-agents bug fix, enhancement, and (RHSA-2023:6812)
- 242488 Red Hat Update for fence-agents (RHSA-2023:7378)
- 242517 Red Hat Update for fence-agents (RHSA-2023:7528)
- 242523 Red Hat Update for fence-agents (RHSA-2023:7523)
- 242574 Red Hat Update for fence-agents (RHSA-2023:7435)
- 242582 Red Hat Update for fence-agents (RHSA-2023:7753)
- 242599 Red Hat Update for fence-agents (RHSA-2023:7407)
- 242603 Red Hat Update for fence-agents (RHSA-2023:7385)
- 284388 Fedora Security Update for mingw (FEDORA-2023-b88b72e3e1)
- 330160 IBM AIX Multiple Vulnerabilities (python_advisory7)
- 355873 Amazon Linux Security Advisory for ca-certificates : ALAS2023-2023-297
- 356342 Amazon Linux Security Advisory for ca-certificates : AL2012-2023-445
- 379345 Splunk Enterprise Third Party Package Updates for January 2024 (SVD-2024-0109)
- 503375 Alpine Linux Security Update for py3-certifi
- 941505 AlmaLinux Security Update for fence-agents (ALSA-2023:7753)
- 941539 AlmaLinux Security Update for fence-agents (ALSA-2024:0133)
