Django REST framework
Api Root
Vulnerability List
Vulnerability Instance
Format
json
api
admin
Vulnerability Instance
Lookup for vulnerabilities affecting packages.
Vulnerability_id
VCID-n4r1-ckx3-r7ht
Summary
Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.
Aliases
0
alias
CVE-2020-27589
1
alias
GHSA-f248-v4qh-x2r6
2
alias
PYSEC-2020-26
Fixed_packages
0
url
pkg:pypi/blackduck@0.0.53
purl
pkg:pypi/blackduck@0.0.53
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.53
Affected_packages
0
url
pkg:pypi/blackduck@0.0.25
purl
pkg:pypi/blackduck@0.0.25
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.25
1
url
pkg:pypi/blackduck@0.0.26
purl
pkg:pypi/blackduck@0.0.26
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.26
2
url
pkg:pypi/blackduck@0.0.27
purl
pkg:pypi/blackduck@0.0.27
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.27
3
url
pkg:pypi/blackduck@0.0.28
purl
pkg:pypi/blackduck@0.0.28
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.28
4
url
pkg:pypi/blackduck@0.0.29
purl
pkg:pypi/blackduck@0.0.29
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.29
5
url
pkg:pypi/blackduck@0.0.30
purl
pkg:pypi/blackduck@0.0.30
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.30
6
url
pkg:pypi/blackduck@0.0.31
purl
pkg:pypi/blackduck@0.0.31
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.31
7
url
pkg:pypi/blackduck@0.0.32
purl
pkg:pypi/blackduck@0.0.32
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.32
8
url
pkg:pypi/blackduck@0.0.33
purl
pkg:pypi/blackduck@0.0.33
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.33
9
url
pkg:pypi/blackduck@0.0.34
purl
pkg:pypi/blackduck@0.0.34
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.34
10
url
pkg:pypi/blackduck@0.0.35
purl
pkg:pypi/blackduck@0.0.35
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.35
11
url
pkg:pypi/blackduck@0.0.36
purl
pkg:pypi/blackduck@0.0.36
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.36
12
url
pkg:pypi/blackduck@0.0.37
purl
pkg:pypi/blackduck@0.0.37
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.37
13
url
pkg:pypi/blackduck@0.0.38
purl
pkg:pypi/blackduck@0.0.38
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.38
14
url
pkg:pypi/blackduck@0.0.39
purl
pkg:pypi/blackduck@0.0.39
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.39
15
url
pkg:pypi/blackduck@0.0.40
purl
pkg:pypi/blackduck@0.0.40
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.40
16
url
pkg:pypi/blackduck@0.0.41
purl
pkg:pypi/blackduck@0.0.41
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.41
17
url
pkg:pypi/blackduck@0.0.42
purl
pkg:pypi/blackduck@0.0.42
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.42
18
url
pkg:pypi/blackduck@0.0.43
purl
pkg:pypi/blackduck@0.0.43
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.43
19
url
pkg:pypi/blackduck@0.0.44
purl
pkg:pypi/blackduck@0.0.44
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.44
20
url
pkg:pypi/blackduck@0.0.45
purl
pkg:pypi/blackduck@0.0.45
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.45
21
url
pkg:pypi/blackduck@0.0.46
purl
pkg:pypi/blackduck@0.0.46
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.46
22
url
pkg:pypi/blackduck@0.0.47
purl
pkg:pypi/blackduck@0.0.47
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.47
23
url
pkg:pypi/blackduck@0.0.48
purl
pkg:pypi/blackduck@0.0.48
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.48
24
url
pkg:pypi/blackduck@0.0.49
purl
pkg:pypi/blackduck@0.0.49
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.49
25
url
pkg:pypi/blackduck@0.0.50
purl
pkg:pypi/blackduck@0.0.50
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.50
26
url
pkg:pypi/blackduck@0.0.51
purl
pkg:pypi/blackduck@0.0.51
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.51
27
url
pkg:pypi/blackduck@0.0.52
purl
pkg:pypi/blackduck@0.0.52
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-n4r1-ckx3-r7ht
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/blackduck@0.0.52
References
0
reference_url
https://community.synopsys.com/s/question/0D52H00005JCZAXSA5/announcement-black-duck-defect-identified
reference_id
reference_type
scores
url
https://community.synopsys.com/s/question/0D52H00005JCZAXSA5/announcement-black-duck-defect-identified
1
reference_url
https://github.com/advisories/GHSA-f248-v4qh-x2r6
reference_id
reference_type
scores
url
https://github.com/advisories/GHSA-f248-v4qh-x2r6
2
reference_url
https://github.com/blackducksoftware/hub-rest-api-python
reference_id
reference_type
scores
url
https://github.com/blackducksoftware/hub-rest-api-python
3
reference_url
https://github.com/blackducksoftware/hub-rest-api-python/pull/113/commits/273b27d0de1004389dd8cf43c40b1197c787e7cd
reference_id
reference_type
scores
url
https://github.com/blackducksoftware/hub-rest-api-python/pull/113/commits/273b27d0de1004389dd8cf43c40b1197c787e7cd
4
reference_url
https://pypi.org/project/blackduck/
reference_id
reference_type
scores
url
https://pypi.org/project/blackduck/
5
reference_url
https://www.optiv.com/explore-optiv-insights/source-zero/certificate-validation-disabled-black-duck-api-wrapper
reference_id
reference_type
scores
url
https://www.optiv.com/explore-optiv-insights/source-zero/certificate-validation-disabled-black-duck-api-wrapper
Weaknesses
Exploits
Severity_range_score
null
Exploitability
null
Weighted_severity
null
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-n4r1-ckx3-r7ht
×
Create
None
×
Edit
None