CVEFinder.io

CVE-2024-39689

⚠️ high
Description

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues."

CVSS Score: 7.5 (High)
EPSS Score: 21.7 (Exploit Probability)
Published Date: 2024-07-05
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 68.9% of all 329,456 vulnerabilities in our database.

#102,448
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment (Updated: Jul 5, 2024)
🔍 Exploitation Status: None (No known exploits)
⚙️ Automatable: NO (Requires human interaction)
💥 Technical Impact: Partial (Limited system impact)
SSVC data provided by CISA
Last Modified: 2025-02-15
CVSS Vector 3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE IDs (Weakness Types)

📦 Affected Products 4

🔗 References 4

🔗 Related CVEs 6

| CVE ID | Severity | CVSS | EPSS | Summary | Published |
|---|---|---|---|---|---|
| CVE-2025-27820 | ⚠️ high | 7.5 | 0.1 | A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host na... | 2025-04-24 |
| CVE-2025-1178 | 🔶 medium | 5.6 | 0.4 | A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is t... | 2025-02-11 |
| CVE-2025-1181 | 🔶 medium | 5.0 | 0.4 | A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_... | 2025-02-11 |
| CVE-2025-0167 | ℹ️ low | 3.4 | 0.2 | When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used fo... | 2025-02-05 |
| CVE-2024-11053 | ℹ️ low | 3.4 | 1.0 | When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used f... | 2024-12-11 |
| CVE-2024-52533 | ⛔ critical | 9.8 | 3.1 | gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CON... | 2024-11-11 |

These CVEs affect the same products