PYSEC-2023-135

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/certifi/PYSEC-2023-135.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2023-135
Aliases
Published
2023-08-03T19:36:12Z
Modified
2023-11-08T04:13:04.801823Z
Summary
[none]
Details

Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These are in the process of being removed from Mozilla's trust store. e-Tugra's root certificates are being removed pursuant to an investigation prompted by reporting of security issues in their systems.

References

Affected packages

PyPI / certifi

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2015.4.28
Fixed
2023.7.22

Affected versions

2015.*

2015.04.28
2015.9.6
2015.9.6.1
2015.9.6.2
2015.11.20
2015.11.20.1

2016.*

2016.2.28
2016.8.2
2016.8.8
2016.8.31
2016.9.26

2017.*

2017.1.23
2017.4.17
2017.7.27
2017.7.27.1
2017.11.5

2018.*

2018.1.18
2018.4.16
2018.8.13
2018.8.24
2018.10.15
2018.11.29

2019.*

2019.3.9
2019.6.16
2019.9.11
2019.11.28

2020.*

2020.4.5
2020.4.5.1
2020.4.5.2
2020.6.20
2020.11.8
2020.12.5

2021.*

2021.5.30
2021.10.8

2022.*

2022.5.18
2022.5.18.1
2022.6.15
2022.6.15.1
2022.6.15.2
2022.9.14
2022.9.24
2022.12.7

2023.*

2023.5.7