VYPR

rpm package

opensuse/python-social-auth-app-django&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-social-auth-app-django&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2025-61783MedOct 9, 2025
    affected < 5.7.0-1.1fixed 5.7.0-1.1

    Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the `associate_by_email` pipeline was not included. This could lead to account compromise when a third-party authe

  • CVE-2024-32879MedApr 24, 2024
    affected < 5.4.1-1.1fixed 5.4.1-1.1

    Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has