In the "Google Images Download", I have identified a security vulnerability about insecure SSL/TLS Verification and configuration. Bypassing certificate verification or accepting all host names are considered insecure. "ssl._create_unverified_context()" shouldn't be used to create SSL/TLS context
Description:
In the "Google Images Download", I have identified a security vulnerability about insecure SSL/TLS Verification and configuration. Bypassing certificate verification or accepting all host names are considered insecure. "ssl._create_unverified_context()" shouldn't be used to create SSL/TLS context
Location:
https://github.com/hardikvasa/google-images-download/blob/master/google_images_download/google_images_download.py#L154
Reference
Recommendations:
Use a SECURE SSL context with proper verification.