Upgrade 'certifi' to resolve CVE-2023-37920

Issue created from vulnerability 89718566

Description:

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

• Severity: critical
• Location: poetry.lock

Identifiers:

• Gemnasium-df27d981-01e7-43a6-80ce-c5a3c8a93dee
• GHSA-xqr8-7jwr-rhp7
• CVE-2023-37920

Links:

• https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909
• https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7
• https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A
• https://nvd.nist.gov/vuln/detail/CVE-2023-37920

Scanner:

• Name: gemnasium-python