3 matches found
EUVD-2023-56164
Malicious code in bioql PyPI...
CVE-2023-36829
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry...
Permissive Cross-domain Policy With Untrusted Domains
sentry is susceptible to Permissive Cross-domain Policy With Untrusted Domains. If the Origin request header ends with the system.base-hostname option in the sentry installation, the sentry API returns the access-control-allow-credentials: true HTTP header. Only installations that have the...