Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
{ "binaries": [ { "binary_name": "python-radicale", "binary_version": "1.1.1-1" }, { "binary_name": "python3-radicale", "binary_version": "1.1.1-1" }, { "binary_name": "radicale", "binary_version": "1.1.1-1" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-8342.json"