Lucene search
+L

13 matches found

redhatcve
redhatcve
added 2026/06/05 7:14 p.m.11 views

CVE-2026-40162

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS5.5AI score0.00299EPSS
Exploits0References1
osv
osv
added 2026/04/10 7:30 p.m.4 views

GHSA-8HW4-FHWW-273G Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Authenticated arbitrary file write in artifact bundle assembly Summary An authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a...

7.1CVSS6.2AI score0.00299EPSS
Exploits0References4
github
github
added 2026/04/10 7:30 p.m.7 views

Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Authenticated arbitrary file write in artifact bundle assembly Summary An authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a...

7.1CVSS6.2AI score0.00299EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2026/04/10 6:16 p.m.2 views

CVE-2026-40162

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS0.00299EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/10 5:2 p.m.28 views

CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS0.00299EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/10 5:2 p.m.2 views

CVE-2026-40162

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS5.8AI score0.00299EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/04/10 5:2 p.m.14 views

CVE-2026-40162

Bugsink 2.1.0 is affected by an authenticated arbitrary file write in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem location writable by the Bugsink process. This results in potential im...

7.1CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/04/10 5:2 p.m.7 views

CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS5.8AI score0.00299EPSS
Exploits0References2
osv
osv
added 2026/04/10 5:2 p.m.3 views

CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem locatio...

7.1CVSS5.9AI score0.00299EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/04/10 12:0 a.m.6 views

PT-2026-32004

Name of the Vulnerable Software and Affected Versions Bugsink versions 2.1.0 Description A file write issue exists in Bugsink 2.1.0 within the artifact bundle assembly process. An authenticated user with a valid authentication token can write content to a filesystem location accessible to the...

7.1CVSS5.8AI score0.00299EPSS
Exploits0References13
osv
osv
added 2023/07/25 7:15 p.m.13 views

PYSEC-2023-130

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

6.5CVSS6.8AI score0.00509EPSS
Exploits0References3
prion
prion
added 2023/07/25 7:15 p.m.20 views

Authorization

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

4CVSS6.4AI score0.00509EPSS
Exploits0References3Affected Software1
cve
cve
added 2023/07/25 6:50 p.m.148 views

CVE-2023-36826

Summary of CVE-2023-36826 (Sentry): Before 23.5.2, authenticated users could download a debug or artifact bundle from arbitrary organizations/projects using a known bundle ID, without needing membership or project permissions. Root cause: authorization checks were not properly scoped on the retri...

7.7CVSS6.8AI score0.00509EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder