CVE-2020-27589: Improper Certificate Validation
(updated )
Synopsys hub-rest-api-python (aka blackduck on PyPI) - does not validate SSL certificates in certain cases.
References
Detect and mitigate CVE-2020-27589 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →