VDB

DEBIAN-CVE-2024-32879

DEBIAN-CVE-2024-32879 PUBLISHED CVSS 4.900000095367432 MEDIUM

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field.

Risk Scores

CVSS 3.1
4.900000095367432
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Debian:12social-auth-app-django5.6.0-1, 5.8.0-1, 5.7.0-1
Debian:11social-auth-app-django5.6.0-1, 5.7.0-1, 5.8.0-1
Debian:13social-auth-app-django0, 0
Debian:14social-auth-app-django0, 0

Timeline

  • Apr 24, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›