Sentry
by Getsentry
Source repositories
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-39349 | 0.00 | — | 0.01 | Aug 7, 2023 | Sentry is an error tracking and performance monitoring platform. Starting in version 22.1.0 and prior to version 23.7.2, an attacker with access to a token with few or no scopes can query `/api/0/api-tokens/` for a list of all tokens created by a user, including tokens with… | |||
| CVE-2023-36826 | 0.00 | — | 0.01 | Jul 25, 2023 | Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a… | |||
| CVE-2023-36829 | 0.00 | — | 0.01 | Jul 6, 2023 | Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the… | |||
| CVE-2022-23485 | 0.00 | — | 0.00 | Dec 10, 2022 | Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an… | |||
| CVE-2013-7287 | 0.00 | — | 0.01 | Feb 13, 2020 | MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. | |||
| CVE-2013-7286 | 0.00 | — | 0.01 | Feb 12, 2020 | MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm |
- CVE-2023-39349Aug 7, 2023risk 0.00cvss —epss 0.01
Sentry is an error tracking and performance monitoring platform. Starting in version 22.1.0 and prior to version 23.7.2, an attacker with access to a token with few or no scopes can query `/api/0/api-tokens/` for a list of all tokens created by a user, including tokens with…
- CVE-2023-36826Jul 25, 2023risk 0.00cvss —epss 0.01
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a…
- CVE-2023-36829Jul 6, 2023risk 0.00cvss —epss 0.01
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the…
- CVE-2022-23485Dec 10, 2022risk 0.00cvss —epss 0.00
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an…
- CVE-2013-7287Feb 13, 2020risk 0.00cvss —epss 0.01
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
- CVE-2013-7286Feb 12, 2020risk 0.00cvss —epss 0.01
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
Page 2 of 2