VDB
DEBIAN-CVE-2024-32879
DEBIAN-CVE-2024-32879
PUBLISHED
CVSS 4.900000095367432 MEDIUM
Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field.
Risk Scores
CVSS 3.1
4.900000095367432
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | social-auth-app-django | 5.6.0-1, 5.8.0-1, 5.7.0-1 |
| Debian:11 | social-auth-app-django | 5.6.0-1, 5.7.0-1, 5.8.0-1 |
| Debian:13 | social-auth-app-django | 0, 0 |
| Debian:14 | social-auth-app-django | 0, 0 |
Timeline
- Apr 24, 2024 CVE Published
- Apr 28, 2026 CVE Updated