ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| pyftpdlib(PyPI) | 0 | 0.5.0 | N/A |
CVSS Metrics
