GHSA-q6w2-jxcm-2crj, CVE-2008-7263
pypi/pyftpdlib
Improper Authentication
ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
All versions before 0.5.0
Upgrade to version 0.5.0 or above.
2022-06-10
source |