Approved changes feed: RSS · Atom

cpe:2.3:a:allauth:allauth:*:*:*:*:*:django:*:*

part: a version: * update: *

VendorAllauth (dabd9586-e2de-5a12-95b3-250b5d0b6028)
ProductAllauth (862204ac-6ac6-5cf0-8271-b03505312860)
Edition*
Language*
Software edition*
Target softwaredjango
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-27982 vulnerable 2026-06-08 07:55:14.768696 Details available
MEDIUM (4.3)
An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), which may allow an attacker to redirect users to an arbitrary external website via a crafted URL.
Published: 2026-03-05T05:31:25.711Z
Updated: 2026-03-06T18:19:55.985Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-65431 vulnerable 2026-06-08 07:39:20.873775 Details available
An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead.
Published: 2025-12-15T00:00:00.000Z
Updated: 2025-12-16T15:46:43.345Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-65430 vulnerable 2026-06-08 07:39:20.873230 Details available
An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected.
Published: 2025-12-15T00:00:00.000Z
Updated: 2025-12-15T15:40:25.050Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.