Lucene search
K

10 matches found

Veracode
Veracode
added 2025/12/01 12:14 p.m.6 views

Improper Authentication

python-social-auth is vulnerable to Improper Authentication. The vulnerability is due to automatic user association by email even when the associatebyemail pipeline is not enabled, where unvalidated or non-unique emails provided by third-party authentication services can be linked to existing...

6.3CVSS6.9AI score0.00521EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-61783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail ev...

6.3CVSS5.9AI score0.00521EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/10 11:22 p.m.3 views

SUSE CVE-2025-61783

Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...

6.3CVSS7AI score0.00521EPSS
Exploits0References3
NVD
NVD
added 2025/10/09 9:15 p.m.28 views

CVE-2025-61783

Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...

6.3CVSS0.00521EPSS
Exploits0References6
OSV
OSV
added 2025/10/09 9:15 p.m.2 views

DEBIAN-CVE-2025-61783

Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...

6.3CVSS5.3AI score0.00521EPSS
Exploits0References1
CVE
CVE
added 2025/10/09 8:57 p.m.23 views

CVE-2025-61783

CVE-2025-61783 affects Python Social Auth (specifically the Django integration, python-social-auth/social-app-django). In versions prior to 5.6.0, during authentication a user could be associated by email even if the register/authorization pipeline did not include the associate_by_email step, ena...

6.3CVSS6.5AI score0.00521EPSS
Exploits0References6
OSV
OSV
added 2025/10/09 5:8 p.m.1 views

GHSA-WV4W-6QV2-QQFG Python Social Auth - Django has unsafe account association

Impact Upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patche...

6.3CVSS7AI score0.00521EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2025/10/09 5:8 p.m.12 views

Python Social Auth - Django has unsafe account association

Impact Upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patche...

6.3CVSS7AI score0.00521EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.4 views

PT-2025-41492

Name of the Vulnerable Software and Affected Versions Python Social Auth versions prior to 5.6.0 Description Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, a user could be associated by email during authentication even if the associate by email...

6.3CVSS5.9AI score0.00521EPSS
Exploits0References19
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

Python Social Auth 安全漏洞

Python Social Auth is an easy to set up social authentication/registration mechanism from Python Social Auth open source. Multiple frameworks and authentication providers are supported. A security vulnerability exists in Python Social Auth versions prior to 5.6.0, which stems from an unvalidated...

6.3CVSS6.5AI score0.00521EPSS
Exploits0References6
Rows per page
Query Builder