VYPR

django-basic-auth-ip-whitelist

by tm-kn

pypi: django-basic-auth-ip-whitelist

Source repositories

CVEs (1)

  • CVE-2020-4071Jun 24, 2020
    risk 0.00cvss epss 0.00

    In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD is set. Currently the string comparison between configured credentials and the ones…