6 matches found
EUVD-2024-22192
Malicious code in bioql PyPI...
CVE-2024-24829
Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration maintained by Sentry with version =24.1.1 contains a constrained SSRF vulnerability. A...
Server-side request forgery (SSRF)
Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration maintained by Sentry with version =24.1.1 contains a constrained SSRF vulnerability. A...
CVE-2024-24829 SSRF in Sentry via Phabricator integration
Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration maintained by Sentry with version =24.1.1 contains a constrained SSRF vulnerability. A...
PT-2024-20595 · Sentry · Sentry
Name of the Vulnerable Software and Affected Versions: Sentry versions =24.1.1 Description: Sentry is an error tracking and performance monitoring platform with an integration platform for external services. The Phabricator integration contains a constrained SSRF vulnerability, allowing an attack...
Slack: Bypass of the SSRF protection (Slack commands, Phabricator integration)
Abstract: Some Slack features like "Integrations / Phabricator" and "Integration / Slash Commands" allow users to submit URLs that will be accessed by the backend servers. A blacklist tries to forbid access to internal resources (loopback, 10.0.0.0/8, 192.168.0.0/24, ...). This blacklist can be...