Lucene search
K

47 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 8:1 p.m.6 views

Security Bulletin: IBM Storage Ceph is vulnerable to Insufficient Verification of Data Authenticity in Certifi (CVE-2022-23491)

Summary Certifi is used by IBM Storage Ceph for certificates and authentication . CVE-2022-23491 This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: Certifi is a curated collection of Root Certificate...

7.5CVSS6.8AI score0.00535EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/01 12:0 a.m.6 views

Photon OS 3.0: Python PHSA-2023-3.0-0704

An update of the python package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0704. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.3AI score0.00535EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2022-23491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi...

7.5CVSS6.5AI score0.00535EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/08 5:38 p.m.32 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to unknown impact and attack vector due to Python certifi ( CVE-2022-23491 )

Summary Python certifi is used by IBM Cloud Pak for Data as part of the platform. CVE-2022-23491. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's ownership also operated a business that produced spyware in Certifi has an unknown impact and attack...

7.5CVSS7.2AI score0.00535EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.22 views

Photon OS 5.0: Python3 PHSA-2023-5.0-0179

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0179. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.3AI score0.00535EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.31 views

openSUSE: Security Advisory for python (SUSE-SU-2023:0139-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.00535EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.23 views

openSUSE: Security Advisory for mozilla (SUSE-SU-2023:0119-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.00696EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.22 views

openSUSE: Security Advisory for mozilla (SUSE-SU-2023:0130-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.00696EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:30 p.m.39 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to untrusted root certificates due Python Certifi (CVE-2022-23491, CVE-2023-37920)

Summary The Python Certifi package is present during IBM Storage Fusion HCI's deployment for TLS certificate validation. Vulnerabilities in this library could lead to the use of untrusted root certificates. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with...

9.8CVSS8AI score0.00535EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.149 views

Oracle Database Server (October 2023 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle Spatial and Graph cURL component of Oracle Database Server. Supported versions that are affected are 19.3-19.2...

7.5CVSS6.4AI score0.62246EPSS
Exploits16References23
Tenable Nessus
Tenable Nessus
added 2023/08/14 12:0 a.m.22 views

Amazon Linux AMI : ca-certificates (ALAS-2023-1795)

The version of ca-certificates installed on the remote host is prior to 2018.2.22-65.1.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1795 advisory. An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root...

7.5CVSS6.7AI score0.00535EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/08 8:43 p.m.30 views

Security Bulletin: Certifi component is vulnerable to CVE-2022-23491 used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Certifi which is vulnerable to CVE-2022-23491. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's ownership also operated a business that produced spyware in Certifi has an unknown impact and attack vector. CVS...

7.5CVSS6.8AI score0.00535EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2023/08/07 12:0 a.m.64 views

Important: ca-certificates

Issue Overview: An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root certificates from TrustCor from the root store. CVE-2023-32803 Affected Packages: ca-certificates Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

7.5CVSS7AI score0.00535EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/31 10:45 a.m.17 views

Security Bulletin: Vulnerability in certifi-2018.4.16-py2.py3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0) [CVE-2022-23491]

Summary The certifi-2018.4.16-py2.py3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2022-23491. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's ownership also operated a...

7.5CVSS6.7AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 5:1 p.m.15 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable an unspecified vulnerability in Certifi ( CVE-2022-23491)

Summary Potential unspecified vulnerability in Certifi CVE-2022-23491has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's...

7.5CVSS6.8AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/14 12:30 p.m.38 views

Security Bulletin: A vulnerability in Certifi package may affect IBM Storage Scale (CVE-2022-23491)

Summary A vulnerability in Certifi package may affect the IBM Storage Scale call home feature. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's ownership also operated a business that produced spyware in Certifi has an unknown impact and attack vecto...

7.5CVSS6.8AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/12 8:50 a.m.24 views

Security Bulletin:Vulnerability in certifi-2018.4.16 affects IBM Integrated Analytics System [ CVE-2022-23491]

Summary The certifi-2018.4.16 package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable vulnerabiltiy CVE-2022-23491. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with TrustCor's ownership also operated a...

7.5CVSS6.7AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 1:2 p.m.50 views

Security Bulletin: IBM Cloud Pak for Network Automation v2.4.3 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation v2.4.3 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-1304 DESCRIPTION: e2fsprogs could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read/write...

9.8CVSS9AI score0.99615EPSS
Exploits13Affected Software1
OpenVAS
OpenVAS
added 2023/04/17 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2023-0140)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.00535EPSS
Exploits0References9
OSV
OSV
added 2023/04/15 7:3 p.m.14 views

MGASA-2023-0140 Updated python-certifi packages fix security vulnerability

Disable bundled Trustcor root cerificate signatures generated after Wednesday November 30 00:00:00 2022. CVE-2022-23491...

7.5CVSS7.5AI score0.00535EPSS
Exploits0References8
Rows per page
Query Builder