Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2023-37920

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. (CVE-2023-37920)

Source

ALAS-2023-1817

Amazon Linux AMI Security Advisory: ALAS-2023-1817
Advisory Release Date: 2023-08-30 17:56 Pacific
Advisory Updated Date: 2023-09-09 00:34 Pacific

Severity: Important

References: CVE-2023-37920
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. (CVE-2023-37920)

Affected Packages:

ca-certificates

Issue Correction:
Run yum update ca-certificates to update your system.

New Packages:

noarch:
    ca-certificates-2018.2.22-65.1.31.amzn1.noarch

src:
    ca-certificates-2018.2.22-65.1.31.amzn1.src

Additional References

Red Hat: CVE-2023-37920

Mitre: CVE-2023-37920

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2023-1817

ALAS-2023-1817

Additional References

Vulmon Search

About

Products

Connect