Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/9853?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9853?format=api", "vulnerability_id": "VCID-ae1s-qa4g-eyes", "summary": "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.", "aliases": [ { "alias": "CVE-2022-23491" }, { "alias": "GHSA-43fp-rhv2-5gv8" }, { "alias": "PYSEC-2022-42986" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936296?format=api", "purl": "pkg:deb/debian/python-certifi@2023.7.22-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2023.7.22-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/995205?format=api", "purl": "pkg:deb/debian/python-certifi@2025.1.31%2Bds-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2025.1.31%252Bds-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/936297?format=api", "purl": "pkg:deb/debian/python-certifi@2025.1.31%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2025.1.31%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936295?format=api", "purl": "pkg:deb/debian/python-certifi@2026.2.25%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2026.2.25%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077483?format=api", "purl": "pkg:deb/debian/python-certifi@2026.4.22%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2026.4.22%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/30633?format=api", "purl": "pkg:pypi/certifi@2022.12.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.12.7" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995203?format=api", "purl": "pkg:deb/debian/python-certifi@2020.6.20-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2020.6.20-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/936293?format=api", "purl": "pkg:deb/debian/python-certifi@2020.6.20-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2020.6.20-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/995204?format=api", "purl": "pkg:deb/debian/python-certifi@2022.9.24-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2022.9.24-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/936294?format=api", "purl": "pkg:deb/debian/python-certifi@2022.9.24-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-certifi@2022.9.24-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/30601?format=api", "purl": "pkg:pypi/certifi@2017.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2017.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/30602?format=api", "purl": "pkg:pypi/certifi@2018.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/30603?format=api", "purl": "pkg:pypi/certifi@2018.4.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.4.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/30605?format=api", "purl": "pkg:pypi/certifi@2018.8.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.8.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/30606?format=api", "purl": "pkg:pypi/certifi@2018.8.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.8.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/30607?format=api", "purl": "pkg:pypi/certifi@2018.10.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.10.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/30608?format=api", "purl": "pkg:pypi/certifi@2018.11.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2018.11.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/30609?format=api", "purl": "pkg:pypi/certifi@2019.3.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2019.3.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/30610?format=api", "purl": "pkg:pypi/certifi@2019.6.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2019.6.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/30611?format=api", "purl": "pkg:pypi/certifi@2019.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2019.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/30612?format=api", "purl": "pkg:pypi/certifi@2019.11.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2019.11.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/30614?format=api", "purl": "pkg:pypi/certifi@2020.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/30615?format=api", "purl": "pkg:pypi/certifi@2020.4.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.4.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/30617?format=api", "purl": "pkg:pypi/certifi@2020.4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.4.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/30619?format=api", "purl": "pkg:pypi/certifi@2020.6.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.6.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/30620?format=api", "purl": "pkg:pypi/certifi@2020.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/30621?format=api", "purl": "pkg:pypi/certifi@2020.12.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2020.12.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/30622?format=api", "purl": "pkg:pypi/certifi@2021.5.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2021.5.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/30623?format=api", "purl": "pkg:pypi/certifi@2021.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2021.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/30624?format=api", "purl": "pkg:pypi/certifi@2022.5.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.5.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/30625?format=api", "purl": "pkg:pypi/certifi@2022.5.18.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.5.18.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/30627?format=api", "purl": "pkg:pypi/certifi@2022.6.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.6.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/30628?format=api", "purl": "pkg:pypi/certifi@2022.6.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.6.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/30630?format=api", "purl": "pkg:pypi/certifi@2022.6.15.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.6.15.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/30631?format=api", "purl": "pkg:pypi/certifi@2022.9.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.9.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/30632?format=api", "purl": "pkg:pypi/certifi@2022.9.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2wd3-e3mb-ebgn" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-qx4m-q293-ckhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/certifi@2022.9.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/92300?format=api", "purl": "pkg:rpm/redhat/ceph@2:19.2.1-222?arch=el9cp", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bm9-9f5h-2yg5" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-bxfr-hpkh-cyby" }, { "vulnerability": "VCID-ks48-yq6s-aue1" }, { "vulnerability": "VCID-kycs-rbvn-z3e7" }, { "vulnerability": "VCID-qn4r-71h3-sbgb" }, { "vulnerability": "VCID-rk14-bw25-2yhe" }, { "vulnerability": "VCID-xnny-adma-pycj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:19.2.1-222%3Farch=el9cp" }, { "url": "http://public2.vulnerablecode.io/api/packages/92302?format=api", "purl": "pkg:rpm/redhat/cephadm-ansible@1:4.1.4-1?arch=el9cp", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bm9-9f5h-2yg5" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-bxfr-hpkh-cyby" }, { "vulnerability": "VCID-ks48-yq6s-aue1" }, { "vulnerability": "VCID-kycs-rbvn-z3e7" }, { "vulnerability": "VCID-qn4r-71h3-sbgb" }, { "vulnerability": "VCID-rk14-bw25-2yhe" }, { "vulnerability": "VCID-xnny-adma-pycj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cephadm-ansible@1:4.1.4-1%3Farch=el9cp" }, { "url": "http://public2.vulnerablecode.io/api/packages/92301?format=api", "purl": "pkg:rpm/redhat/oath-toolkit@2.6.12-1?arch=el9cp", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9bm9-9f5h-2yg5" }, { "vulnerability": "VCID-ae1s-qa4g-eyes" }, { "vulnerability": "VCID-bxfr-hpkh-cyby" }, { "vulnerability": "VCID-ks48-yq6s-aue1" }, { "vulnerability": "VCID-kycs-rbvn-z3e7" }, { "vulnerability": "VCID-qn4r-71h3-sbgb" }, { "vulnerability": "VCID-rk14-bw25-2yhe" }, { "vulnerability": "VCID-xnny-adma-pycj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/oath-toolkit@2.6.12-1%3Farch=el9cp" }, { "url": "http://public2.vulnerablecode.io/api/packages/97478?format=api", "purl": "pkg:rpm/redhat/python3x-certifi@2022.12.7-1?arch=el8ap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ae1s-qa4g-eyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3x-certifi@2022.12.7-1%3Farch=el8ap" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1583", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15719", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15844", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16012", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1593", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16006", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15939", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15905", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15805", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16979", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16904", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1692", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16976", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1704", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17101", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17148", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17173", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/certifi/python-certifi", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/certifi/python-certifi" }, { "reference_url": "https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8" }, { "reference_url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:52:56Z/" } ], "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2022-42986.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2022-42986.yaml" }, { "reference_url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:52:56Z/" } ], "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230223-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230223-0010" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180089", "reference_id": "2180089", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180089" }, { "reference_url": "https://github.com/advisories/GHSA-43fp-rhv2-5gv8", "reference_id": "GHSA-43fp-rhv2-5gv8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-43fp-rhv2-5gv8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9775", "reference_id": "RHSA-2025:9775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9776", "reference_id": "RHSA-2025:9776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9776" } ], "weaknesses": [ { "cwe_id": 345, "name": "Insufficient Verification of Data Authenticity", "description": "The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 7.5", "exploitability": "0.5", "weighted_severity": "6.8", "risk_score": 3.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ae1s-qa4g-eyes" }