Advisories for Pypi/Radicale package

htpasswd authentication is vulnerable to timing-based bruteforce attacks

The filesystem storage backend in Radicale on Windows allows remote attackers to read or write to arbitrary files via a crafted path.