11 matches found
GHSA-8HW4-FHWW-273G Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Authenticated arbitrary file write in artifact bundle assembly Summary An authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a...
Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Authenticated arbitrary file write in artifact bundle assembly Summary An authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a...
CVE-2026-40162
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...
CVE-2026-40162
Bugsink 2.1.0 is affected by an authenticated arbitrary file write in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem location writable by the Bugsink process. This results in potential im...
CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...
CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...
CVE-2026-40162
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...
PT-2026-32004
Name of the Vulnerable Software and Affected Versions Bugsink versions 2.1.0 Description A file write issue exists in Bugsink 2.1.0 within the artifact bundle assembly process. An authenticated user with a valid authentication token can write content to a filesystem location accessible to the...
PYSEC-2023-130
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...
Authorization
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...
CVE-2023-36826
Summary of CVE-2023-36826 (Sentry): Before 23.5.2, authenticated users could download a debug or artifact bundle from arbitrary organizations/projects using a known bundle ID, without needing membership or project permissions. Root cause: authorization checks were not properly scoped on the retri...