CVE-2020-4071
CVE-2020-4071 applies to the django-basic-auth-ip-whitelist package prior to version 0.3.4. The issue is a timing-attack vulnerability caused by a character-by-character string comparison of configured BASIC_AUTH_LOGIN/BASIC_AUTH_PASSWORD against user input, which may allow an attacker within a l...