Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Certifi removes GLOBALTRUST root certificate
Vulnerability Description
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues."
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Certifi 安全漏洞
Vulnerability Description
Certifi是Certifi开源的一个 Python SSL 证书。 Certifi 2024.07.04之前版本存在安全漏洞,该漏洞源于存在合规性问题,认可来自GLOBALTRUST的根证书。
CVSS Information
N/A
Vulnerability Type
N/A