PT-2020-16710 · Synopsys · Hub-Rest-Api-Python

Published 2020-11-06 · Updated 2021-04-20 · CVE-2020-27589

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Synopsys hub-rest-api-python (aka blackduck on PyPI) versions 0.0.25 through 0.0.52

Description

The library fails to validate SSL certificates in certain cases. Because the server's certificate is not checked in those cases, this may allow man-in-the-middle attacks or other types of exploitation.

Recommendations

For versions 0.0.25 through 0.0.52, update to a version that properly validates SSL certificates. As a temporary workaround, restrict the use of the affected API to minimize the risk of exploitation.
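
To locate installations in the affected range, the following added example (not part of the advisory or of the project's code) scans `pip freeze`-style pinned requirements for `blackduck` versions 0.0.25 through 0.0.52. The sample input is constructed and the function names are hypothetical.

```python
import re

# Affected range from the advisory: blackduck 0.0.25 through 0.0.52 (inclusive).
AFFECTED_MIN = (0, 0, 25)
AFFECTED_MAX = (0, 0, 52)
PACKAGE = "blackduck"

# Matches exact pins such as "blackduck==0.0.40" or "BlackDuck[extra] == 0.0.40".
_PIN = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*===?\s*([0-9]+(?:\.[0-9]+)*)"
)

def normalize(name):
    """PEP 503 name normalization: case-insensitive, runs of -_. are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_version(text):
    """Turn a numeric release string into an int tuple padded to three parts."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (3 - len(parts))

def is_affected(version_text):
    """True when the release falls inside the advisory's affected range."""
    return AFFECTED_MIN <= parse_version(version_text) <= AFFECTED_MAX

def find_affected_pins(lines):
    """Return (line_number, version) for each exact blackduck pin in the affected range."""
    hits = []
    for number, raw in enumerate(lines, start=1):
        line = raw.split("#", 1)[0]  # drop trailing comments
        match = _PIN.match(line)
        if match and normalize(match.group(1)) == PACKAGE and is_affected(match.group(2)):
            hits.append((number, match.group(2)))
    return hits

# Constructed sample, in the format `pip freeze` prints.
SAMPLE = """\
requests==2.25.1
blackduck==0.0.24
BlackDuck==0.0.25   # first affected release
blackduck==0.0.52
blackduck==0.0.53
blackduck==0.1.0
""".splitlines()

if __name__ == "__main__":
    for number, version in find_affected_pins(SAMPLE):
        print(f"line {number}: blackduck {version} is affected by CVE-2020-27589")
```

Only exact pins (`==`) are evaluated; range specifiers such as `>=` need to be resolved against the installed environment instead.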

Exploit

Fix

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

CVE-2020-27589
GHSA-F248-V4QH-X2R6
PYSEC-2020-26

Affected Products

Hub-Rest-Api-Python