MiracleLinux 8 : fence-agents-4.2.1-121.el8_9.2 (AXSA:2024-7416:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7416:01 advisory. python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 python-urllib3: Cookie request header isn't stripped during cross-origin redirect...

TencentOS Server 4: python-certifi (TSSA-2024:0273)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0273 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

NewStart CGSL MAIN 7.02 : python-certifi Multiple Vulnerabilities (NS-SA-2025-0144)

The remote NewStart CGSL host, running version MAIN 7.02, has python-certifi packages installed that are affected by multiple vulnerabilities: - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts...

python-certifi: untrusted root certificates

A flaw was found in python-certifi. Untrusted certificates from TrustCor have been found in the root certificates store...

NewStart CGSL MAIN 7.02 : python-certifi Vulnerability (NS-SA-2025-0070)

The remote NewStart CGSL host, running version MAIN 7.02, has python-certifi packages installed that are affected by a vulnerability: - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error This patch addresses a race...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Certifi python-certifi

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Certifi python-certifi Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS...

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

CVE-2023-37920 affecting package python-certifi for versions less than 2023.05.07-1.cm2

CVE-2023-37920 affecting package python-certifi for versions less than 2023.05.07-1.cm2. A patched version of the package is available...

Security Bulletin: IBM Maximo Application Suite - IBM Asset Data Dictionary Component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to CVE-2024-39689

Summary IBM Maximo Application Suite - IBM Asset Data Dictionary Component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to CVE-2024-39689. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi [CVE-2024-39689]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi, caused by the use of GLOBALTRUST root certificate CVE-2024-39689. Certifi python-certifi is used by our Speech Service runtimes. This vulnerabilitiy has been...

Security Bulletin: Vulnerabilities in requests, setuptools , python-certifi & urllib3 can affect IBM Storage Protect Plus Microsoft File Systems Backup and Restore [CVE-2024-35195,CVE-2024-6345,CVE-2024-39689,CVE-2024-37891]

Summary IBM Storage Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in requests, setuptools , python-certifi & urllib3 which include bypass security restrictions , by using download functions to inject and execute arbitrary code on the system, weaker...

Security Bulletin: A vulnerability in python certifi package affects IBM Db2 Big SQL

Summary There is a vulnerability in python package certifi-2024.6.2-py3-none-any.whl affecting IBM Db2 Big SQL 7.7.0 on CP4D 5.0 Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of GLOBALTRUST root...

Security Bulletin: Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component

Summary Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component in container Operator Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi [CVE-2024-39689]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi, caused by the use of GLOBALTRUST root certificate CVE-2024-39689. Certifi python-certifi is used by our Speech Service runtimes. This vulnerabilitiy has been...

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689

Summary IBM Maximo Application Suite - Predict Component component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to this CVE-2024-39689 Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Certifi python-certifi

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Certifi python-certifi Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of GLOBALTRUST root certificate. An attacke...

Security Bulletin: IBM Maximo Application Suite uses certifi-2024.6.2-py3-none-any.whl which is vulnerable to CVE-2024-39689.

Summary IBM Maximo Application Suite uses certifi-2024.6.2-py3-none-any.whl which is vulnerable to CVE-2024-39689. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker th...

Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities (CVE-2024-5569, CVE-2024-39689)

Summary IBM Security Guardium Insights has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2024-5569 DESCRIPTION: zipp is vulnerable to a denial of service, caused by an infinite loop flaw in the Path module. By using a specially crafted zip file, a local attacker...

Security Bulletin: IBM InfoSphere Information Server is affected by a security vulnerability in Certifi python-certifi (CVE-2024-39689)

Summary A security vulnerability in Certifi python-certifi that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the use of GLOBALTRUST root certificate. An...

Security Bulletin: Vulnerability in Certifi python-certifi

Summary Certifi python-certifi could provide weaker than expected security, caused by the use of GLOBALTRUST root certificate. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected security, caused by the us...