Количество 4
Количество 4
CVE-2025-65431
An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead.
CVE-2025-65431
An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead.
CVE-2025-65431
An issue was discovered in allauth-django before 65.13.0. Both Okta an ...
GHSA-8m3c-c723-h4p4
django-allauth's Okta and NetIQ implementations used a mutable identifier for authorization decisions
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-65431 An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-65431 An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-65431 An issue was discovered in allauth-django before 65.13.0. Both Okta an ... | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| GHSA-8m3c-c723-h4p4 django-allauth's Okta and NetIQ implementations used a mutable identifier for authorization decisions | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу