CVE Vulnerabilities

CVE-2023-37920

Insufficient Verification of Data Authenticity

Published: Jul 25, 2023 | Modified: Feb 13, 2025
CVSS 3.x: 9.8 CRITICAL
Source: NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3: 9.1 LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Ubuntu: NEGLIGIBLE

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes e-Tugra root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from e-Tugra from the root store.

Weakness

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Affected Software

| Name | Vendor | Start Version | End Version |
| --- | --- | --- | --- |
| Certifi | Certifi | 2015.4.28 (including) | 2023.7.22 (excluding) |
| Red Hat Enterprise Linux 8 | RedHat | fence-agents-0:4.2.1-121.el8_9.2 | * |
| Red Hat Enterprise Linux 8 | RedHat | ca-certificates-0:2024.2.69_v8.0.303-80.0.el8_10 | * |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | RedHat | fence-agents-0:4.2.1-30.el8_1.10 | * |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | fence-agents-0:4.2.1-41.el8_2.12 | * |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | fence-agents-0:4.2.1-41.el8_2.12 | * |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | fence-agents-0:4.2.1-41.el8_2.12 | * |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | fence-agents-0:4.2.1-65.el8_4.13 | * |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | fence-agents-0:4.2.1-65.el8_4.13 | * |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | fence-agents-0:4.2.1-65.el8_4.13 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | fence-agents-0:4.2.1-89.el8_6.10 | * |
| Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | fence-agents-0:4.2.1-112.el8_8.2 | * |
| Red Hat Enterprise Linux 9 | RedHat | fence-agents-0:4.10.0-55.el9_3.2 | * |
| Red Hat Enterprise Linux 9 | RedHat | ca-certificates-0:2024.2.69_v8.0.303-91.4.el9_4 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | fence-agents-0:4.10.0-20.el9_0.10 | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | fence-agents-0:4.10.0-43.el9_2.2 | * |
| Red Hat OpenShift Container Platform 4.17 | RedHat | openshift4/ose-ansible-rhel9-operator:v4.17.0-202410112132.p0.g1d4d62e.assembly.stream.el9 | * |
| Python-certifi | Ubuntu | bionic | * |
| Python-certifi | Ubuntu | devel | * |
| Python-certifi | Ubuntu | esm-apps/xenial | * |
| Python-certifi | Ubuntu | esm-infra/bionic | * |
| Python-certifi | Ubuntu | esm-infra/focal | * |
| Python-certifi | Ubuntu | focal | * |
| Python-certifi | Ubuntu | jammy | * |
| Python-certifi | Ubuntu | kinetic | * |
| Python-certifi | Ubuntu | lunar | * |
| Python-certifi | Ubuntu | mantic | * |
| Python-certifi | Ubuntu | trusty | * |
| Python-certifi | Ubuntu | upstream | * |
| Python-certifi | Ubuntu | xenial | * |
| Python-pip | Ubuntu | bionic | * |
| Python-pip | Ubuntu | devel | * |
| Python-pip | Ubuntu | esm-apps/bionic | * |
| Python-pip | Ubuntu | esm-apps/focal | * |
| Python-pip | Ubuntu | esm-apps/jammy | * |
| Python-pip | Ubuntu | esm-apps/xenial | * |
| Python-pip | Ubuntu | esm-infra-legacy/trusty | * |
| Python-pip | Ubuntu | focal | * |
| Python-pip | Ubuntu | jammy | * |
| Python-pip | Ubuntu | kinetic | * |
| Python-pip | Ubuntu | lunar | * |
| Python-pip | Ubuntu | mantic | * |
| Python-pip | Ubuntu | trusty | * |
| Python-pip | Ubuntu | trusty/esm | * |
| Python-pip | Ubuntu | xenial | * |

References