CVE-2021-33880
The CVE-2021-33880 issue affects the aaugustin websockets library for Python, before version 9.1. It describes an Observable Timing Discrepancy when HTTP Basic Authentication is enabled (basic_auth_protocol_factory(credentials=...)), allowing an attacker to guess passwords via a timing attack. A ...