Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
social-auth-app-django Improper Handling of Case Sensitivity vulnerability
Vulnerability Description
Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
大小写敏感处理不恰当
Vulnerability Title
Python Social Auth 安全漏洞
Vulnerability Description
Python Social Auth是Python Social Auth开源的一种易于设置的社交身份验证/注册机制。支持多个框架和身份验证提供者。 Python Social Auth 5.4.1之前版本存在安全漏洞,该漏洞源于 MySQL、MariaDB数据库中默认不区分大小写的排序规则,第三方身份验证用户ID不区分大小写,可能会导致不同的ID匹配。
CVSS Information
N/A
Vulnerability Type
N/A