CVE-2024-39689 PoC — Certifi 安全漏洞

Source

Associated Vulnerability

Title:Certifi 安全漏洞 (CVE-2024-39689)
Description:Certifi是Certifi开源的一个 Python SSL 证书。 Certifi 2024.07.04之前版本存在安全漏洞，该漏洞源于存在合规性问题，认可来自GLOBALTRUST的根证书。

Description

DO NOT FORK, DEPLOY, OR USE FOR ANYTHING BUT LEARNING. These requirements are vulnerable to CVE-2024-39689

Readme

# DO NOT DEPLOY UNLESS FOR LEARNING ABOUT AWS!!!
Currently vulnerable to [CVE-2024-39689](https://nvd.nist.gov/vuln/detail/CVE-2024-39689). We need to update Certifi. Check dependabot before deploying. Trusting an unverified Certificate Authority can have major loss of customer trust issues.

File Snapshot


 [4.0K]  /data/pocs/b3a15ce763ad39077f1548848d3f8face7963af3
├── [4.0K]  deploy_scripts
│   └── [ 126]  deploy.sh
├── [ 303]  main.py
├── [ 294]  README.md
└── [1.3K]  requirements.txt

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!