VYPR

PyPI package

social-auth-app-django

pkg:pypi/social-auth-app-django

Vulnerabilities (2)

  • CVE-2025-61783MedOct 9, 2025
    affected < 5.6.0fixed 5.6.0

    Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the `associate_by_email` pipeline was not included. This could lead to account compromise when a third-party authe

  • CVE-2024-32879MedApr 24, 2024
    affected < 5.4.1fixed 5.4.1

    Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has