CVE-2024-32879
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Published Apr 24, 2024
Updated: Apr 25, 2024
CWE ID 178
CWE ID 303
Summary
CVE-2024-32879 is a vulnerability affecting the Python Social Auth library before version 5.4.1. This social authentication/registration mechanism uses MySQL or MariaDB databases with default case-insensitive collation, allowing third-party user IDs to match even if they differ only in case. This could lead to unauthorized access or other security issues. The vulnerability has been addressed with a fix in version 5.4.1, and a workaround involves changing the collation of the affected field in the database.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2024-32879 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions