6 matches found
django-daiquiri (>=1.3.0 <=1.3.2), django-jwt-allauth (>=1.0.3 <=1.2.0) +13 more potentially affected by CVE-2026-27982 via django-allauth (>=65.0.1 <=65.13.1)
django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =2.0.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.1.1, =1.1.3 Source cves: CVE-2026-27982 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-15426544...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +96 more potentially affected by CVE-2025-65430 via django-allauth (>=0.24.1 <=65.12.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2025-65430 Source advisory: OSV:GHSA-QHMC-3MVR-F2J4...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +96 more potentially affected by CVE-2025-65431 via django-allauth (>=0.24.1 <=65.12.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2025-65431 Source advisory: OSV:GHSA-8M3C-C723-H4P4...
django-daiquiri (>=1.3.0 <=1.3.1), django-jwt-allauth (>=1.0.3 <=1.2.0) +5 more potentially affected by CVE-2025-65431 via django-allauth (>=65.0.1 <=65.12.1)
django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =2.0.0, =1.1.1, =1.1.2 Source cves: CVE-2025-65431 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-14425069...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +96 more potentially affected by CVE-2025-65431 via django-allauth (>=0.24.1 <=65.12.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2025-65431 Source advisory: OSV:PYSEC-2025-111...
CVE-2025-65430
CVE-2025-65430 affects allauth-django prior to 65.13.0. The issue arises when an IdP marks a user as is_active=False after tokens have been issued for that user, leaving active tokens potentially usable. The root cause is that marking the user inactive had no effect on existing tokens. The publis...