
7 matches found

SUSE CVE
added 2025/12/16 12:23 a.m. | 5 views

SUSE CVE-2025-65431

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

CVSS 5.4 | AI score 7.3 | EPSS 0.00141
Exploits: 0 | References: 3
vulnersOsv
added 2025/12/15 3:30 p.m. | 4 views

aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +96 more potentially affected by CVE-2025-65431 via django-allauth (>=0.24.1 <=65.12.1)

django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2025-65431 Source advisory: OSV:GHSA-8M3C-C723-H4P4...

CVSS 5.4 | AI score 5.7 | EPSS 0.00141
Exploits: 0
vulnersOsv
added 2025/12/15 2:39 p.m. | 5 views

django-daiquiri (>=1.3.0 <=1.3.1), django-jwt-allauth (>=1.0.3 <=1.2.0) +5 more potentially affected by CVE-2025-65431 via django-allauth (>=65.0.1 <=65.12.1)

django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =2.0.0, =1.1.1, =1.1.2 Source cves: CVE-2025-65431 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-14425069...

CVSS 5.4 | AI score 5.7 | EPSS 0.00141
Exploits: 0
vulnersOsv
added 2025/12/15 2:15 p.m. | 8 views

aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +96 more potentially affected by CVE-2025-65431 via django-allauth (>=0.24.1 <=65.12.1)

django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2025-65431 Source advisory: OSV:PYSEC-2025-111...

CVSS 5.4 | AI score 5.7 | EPSS 0.00141
Exploits: 0
OSV
added 2025/12/15 2:15 p.m. | 2 views

DEBIAN-CVE-2025-65431

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

CVSS 5.4 | AI score 5.2 | EPSS 0.00141
Exploits: 0 | References: 1
UbuntuCve
added 2025/12/15 2:15 p.m. | 2 views

CVE-2025-65431

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

CVSS 5.4 | AI score 5.8 | EPSS 0.00141
Exploits: 0 | References: 2
Tenable Nessus
added 2025/12/15 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2025-65431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts...

CVSS 5.4 | AI score 5.8 | EPSS 0.00141
Exploits: 0 | References: 3