10 matches found
Improper Authentication
python-social-auth is vulnerable to Improper Authentication. The vulnerability is due to automatic user association by email even when the associatebyemail pipeline is not enabled, where unvalidated or non-unique emails provided by third-party authentication services can be linked to existing...
Linux Distros Unpatched Vulnerability : CVE-2025-61783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail ev...
SUSE CVE-2025-61783
Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...
CVE-2025-61783
Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...
DEBIAN-CVE-2025-61783
Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service doe...
CVE-2025-61783
CVE-2025-61783 affects Python Social Auth (specifically the Django integration, python-social-auth/social-app-django). In versions prior to 5.6.0, during authentication a user could be associated by email even if the register/authorization pipeline did not include the associate_by_email step, ena...
GHSA-WV4W-6QV2-QQFG Python Social Auth - Django has unsafe account association
Impact Upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patche...
Python Social Auth - Django has unsafe account association
Impact Upon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patche...
PT-2025-41492
Name of the Vulnerable Software and Affected Versions Python Social Auth versions prior to 5.6.0 Description Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, a user could be associated by email during authentication even if the associate by email...
Python Social Auth 安全漏洞
Python Social Auth is an easy to set up social authentication/registration mechanism from Python Social Auth open source. Multiple frameworks and authentication providers are supported. A security vulnerability exists in Python Social Auth versions prior to 5.6.0, which stems from an unvalidated...