High severityNVD Advisory· Published Jul 25, 2023· Updated Mar 5, 2025
Certifi's removal of e-Tugra root certificate
CVE-2023-37920
Description
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
certifiPyPI | >= 2015.4.28, < 2023.7.22 | 2023.7.22 |
Affected products
65- osv-coords64 versionspkg:apk/chainguard/condapkg:apk/chainguard/conda-initpkg:apk/chainguard/conda-wrapperpkg:apk/chainguard/kube-downscalerpkg:apk/wolfi/condapkg:apk/wolfi/conda-initpkg:apk/wolfi/conda-wrapperpkg:apk/wolfi/kube-downscalerpkg:pypi/certifipkg:rpm/almalinux/fence-agents-aliyunpkg:rpm/almalinux/fence-agents-allpkg:rpm/almalinux/fence-agents-amt-wspkg:rpm/almalinux/fence-agents-apcpkg:rpm/almalinux/fence-agents-apc-snmppkg:rpm/almalinux/fence-agents-awspkg:rpm/almalinux/fence-agents-azure-armpkg:rpm/almalinux/fence-agents-bladecenterpkg:rpm/almalinux/fence-agents-brocadepkg:rpm/almalinux/fence-agents-cisco-mdspkg:rpm/almalinux/fence-agents-cisco-ucspkg:rpm/almalinux/fence-agents-commonpkg:rpm/almalinux/fence-agents-computepkg:rpm/almalinux/fence-agents-drac5pkg:rpm/almalinux/fence-agents-eaton-snmppkg:rpm/almalinux/fence-agents-emersonpkg:rpm/almalinux/fence-agents-epspkg:rpm/almalinux/fence-agents-gcepkg:rpm/almalinux/fence-agents-heuristics-pingpkg:rpm/almalinux/fence-agents-hpbladepkg:rpm/almalinux/fence-agents-ibmbladepkg:rpm/almalinux/fence-agents-ibm-powervspkg:rpm/almalinux/fence-agents-ibm-vpcpkg:rpm/almalinux/fence-agents-ifmibpkg:rpm/almalinux/fence-agents-ilo2pkg:rpm/almalinux/fence-agents-ilo-moonshotpkg:rpm/almalinux/fence-agents-ilo-mppkg:rpm/almalinux/fence-agents-ilo-sshpkg:rpm/almalinux/fence-agents-intelmodularpkg:rpm/almalinux/fence-agents-ipdupkg:rpm/almalinux/fence-agents-ipmilanpkg:rpm/almalinux/fence-agents-kdumppkg:rpm/almalinux/fence-agents-kubevirtpkg:rpm/almalinux/fence-agents-lparpkg:rpm/almalinux/fence-agents-mpathpkg:rpm/almalinux/fence-agents-openstackpkg:rpm/almalinux/fence-agents-redfishpkg:rpm/almalinux/fence-agents-rhevmpkg:rpm/almalinux/fence-agents-rsapkg:rpm/almalinux/fence-agents-rsbpkg:rpm/almalinux/fence-agents-sbdpkg:rpm/almalinux/fence-agents-scsipkg:rpm/almalinux/fence-agents-virshpkg:rpm/almalinux/fence-agents-vmware-restpkg:rpm/almalinux/fence-agents-vmware-soappkg:rpm/almalinux/fence-agents-wtipkg:rpm/almalinux/fence-agents-zvmpkg:rpm/almalinux/fence-virtpkg:rpm/almalinux/fence-virtdpkg:rpm/almalinux/fence-virtd-cpgpkg:rpm/almalinux/fence-virtd-libvirtpkg:rpm/almalinux/fence-virtd-multicastpkg:rpm/almalinux/fence-virtd-serialpkg:rpm/almalinux/fence-virtd-tcppkg:rpm/almalinux/ha-cloud-support
< 23.7.2-r1+ 63 more
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.2.0-r3
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.7.2-r1
- (no CPE)range: < 23.2.0-r3
- (no CPE)range: >= 2015.4.28, < 2023.7.22
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- (no CPE)range: < 4.10.0-55.el9_3.2.alma.1
- certifi/python-certifiv5Range: >= 2015.04.28, < 2023.07.22
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-xqr8-7jwr-rhp7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-37920ghsaADVISORY
- github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909ghsax_refsource_MISCWEB
- github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7ghsax_refsource_CONFIRMWEB
- github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2023-135.yamlghsaWEB
- groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1Aghsax_refsource_MISCWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTGghsaWEB
- security.netapp.com/advisory/ntap-20240912-0002ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/mitre
News mentions
0No linked articles in our index yet.