PYSEC-2023-115

Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry...

Sentry CORS misconfiguration

Impact The Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry installation. This only affects installations that have system.base-hostname option explicitly set, as it is empty by...

CVE-2023-36829 Sentry CORS misconfiguration vulnerability

Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry...

Mobileiron Sentry 安全漏洞

Mobileiron Sentry is a Smart Gateway product from Mobileiron, Inc. A security vulnerability exists in Sentry versions 23.6.0 through 23.6.2 and earlier, which stems from the Sentry API returning an incorrect HTTP header if the request header ends in system.base-hostname...

PT-2023-25718 · Sentry · Sentry

Name of the Vulnerable Software and Affected Versions: Sentry versions 23.6.0 through 23.6.1 Description: Sentry is an error tracking and performance monitoring platform. The Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends wi...