4 matches found
FreeBSD : py39-sentry-sdk -- sensitive cookies leak (15dae5cc-9ee6-4577-a93e-2ab57780e707)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 15dae5cc-9ee6-4577-a93e-2ab57780e707 advisory. - Sentry SDK is the official Python SDK for Sentry, real-time crash reporting software. When using the...
CVE-2023-28117
creationtimestamp| type| source ---|---|--- 2023-03-22 23:36:00+00:00| seen| https://t.me/cibsecurity/60519...
CVE-2023-28117
CVE-2023-28117 affects the Sentry SDK for Python (Django integration) prior to 1.14.0. When sendDefaultPII is True and a custom SESSION_COOKIE_NAME or CSRF_COOKIE_NAME is used, cookies (including session cookies) can be leaked to Sentry, potentially enabling impersonation or privilege escalation ...
CVE-2023-28117 Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True`
Sentry SDK is the official Python SDK for Sentry, real-time crash reporting software. When using the Django integration of versions prior to 1.14.0 of the Sentry SDK in a specific configuration it is possible to leak sensitive cookies values, including the session cookie to Sentry. These sensitiv...