Lucene search
K

6 matches found

OSV
OSV
added yesterday4 views

PYSEC-2026-1917 Sentry's Python SDK unintentionally exposes environment variables to subprocesses

Impact The bug in Sentry's Python SDK subprocess.checkoutput"env", env="TEST":"1" b'TEST=1\n' If you'd want to not pass any variables, you can set an empty dict: subprocess.checkoutput"env", env= b'' However, the bug in Sentry SDK 2.8.0 causes all environment variables to be passed to the...

2.5CVSS6AI score0.00198EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

Debian dla-4612 : python3-sentry-sdk - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4612 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4612-1 [email protected] https://www.debian.org/lts/security/...

5.3CVSS5.5AI score0.00198EPSS
Exploits0References4
Debian
Debian
added 2026/06/01 2:52 a.m.12 views

[SECURITY] [DLA 4612-1] sentry-python security update

Debian LTS Advisory DLA-4612-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón May 31, 2026 https://wiki.debian.org/LTS Package : sentry-python Version : 0.13.2-1+deb11u1 CVE ID : CVE-2024-40647 Debian Bug : 1083189 A vulnerability was found in the Python SD...

5.3CVSS5.7AI score0.00198EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2345

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00198EPSS
Exploits0References10
OSV
OSV
added 2024/07/18 5:18 p.m.4 views

GHSA-G92J-QHMH-64V2 Sentry's Python SDK unintentionally exposes environment variables to subprocesses

Impact The bug in Sentry's Python SDK subprocess.checkoutput"env", env="TEST":"1" b'TEST=1\n' If you'd want to not pass any variables, you can set an empty dict: subprocess.checkoutput"env", env= b'' However, the bug in Sentry SDK 2.8.0 causes all environment variables to be passed to the...

2.5CVSS5.7AI score0.00198EPSS
Exploits0References11
OSV
OSV
added 2024/07/18 5:15 p.m.2 views

DEBIAN-CVE-2024-40647

sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...

5.3CVSS5.2AI score0.00198EPSS
Exploits0References1
Rows per page
Query Builder