social-auth-app-django

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting social-auth-app-djangopage 1 of 1

CVE-2024-32879MEDIUMCVSS 4.9EG 4.9✓ Fixed in 5.4.1
2024-04-24
vulnerable: 0.0.1 ... 5.4.0 (18 versions)
Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cau…
CVE-2025-61783MEDIUMCVSS 6.3EG 0.0✓ Fixed in 5.6.0
2025-10-09
vulnerable: 0.0.1 ... 5.5.1 (23 versions)
Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the `associate_by_email` pipeline was not included. This could lead to ac…

Check whether social-auth-app-django is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for social-auth-app-django CVEs against the assets you own.

Start Free Scan →