CVE-2023-37920 @ Python-certifi-2017.4.17

**Vulnerable Package** issue exists @ **Python\-certifi\-2017.4.17** in branch **main**

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 1.0.1 through 2023.5.7 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

**Namespace:** pedrompflopes
**Repository:** small-project
**Repository Url:** https://github.com/pedrompflopes/small-project
**CxAST\-Project:** pedrompflopes/small-project
**CxAST platform scan:** [c8ffe959\-aafe\-486d\-a7e7\-1ba92f6aee49](https://rc.dev.cxast.net/projects/67f6816c-b694-486c-9962-3e11e1ab95bf/scans?id=c8ffe959-aafe-486d-a7e7-1ba92f6aee49&branch=main)
**Branch:** main
**Application:** small-project
**Severity:** HIGH
**State:** TO_VERIFY
**Status:** RECURRENT
**CWE:** CWE-345


----
**Additional Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** NONE
**Availability impact:** NONE
**Remediation Upgrade Recommendation:** 2023.7.22


----
**References**
[Advisory](https://github.com/advisories/GHSA-xqr8-7jwr-rhp7)
[Commit](https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2023-37920 @ Python-certifi-2017.4.17 #21

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CVE-2023-37920 @ Python-certifi-2017.4.17 #21

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions