872 matches found
CVE-2025-64468
There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...
CVE-2025-64468
There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...
CVE-2025-64468
There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...
CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW
There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...
CVE-2025-64468
CVE-2025-64468 describes a use-after-free in NI LabVIEW’s sentry!sentry_span_set_data() when parsing a corrupted VI file. This could lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, and affects LabVIEW 2025 Q3 (25.3) and...
CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW
There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...
PT-2025-52242
Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2025 Q3 25.3 and prior Description A use-after-free issue exists in the sentry span set data function when processing a malformed VI file. Exploitation of this issue could lead to information disclosure or arbitrary code...
CVE-2025-65944
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
CVE-2025-65944
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
CVE-2025-65944 Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true`
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
CVE-2025-65944 Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true`
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
EUVD-2025-198990
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
PT-2025-47977
Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...
Sentry 安全漏洞
Sentry is a developer-oriented bug tracking and performance monitoring platform from Sentry Open Source. A security vulnerability exists in Sentry versions 10.11.0 through prior to 10.27.0, which stems from the possibility of sending sensitive HTTP headers that could lead to elevated privileges...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/node-core is a Sentry Node-Core SDK Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by viewing...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/remix is an Official Sentry SDK for Remix Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/nextjs is an Official Sentry SDK for Next.js Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, b...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/nuxt is an Official Sentry SDK for Nuxt EXPERIMENTAL Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/cloudflare is an Official Sentry SDK for Cloudflare Workers and Pages Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as...
Insertion of Sensitive Information Into Sent Data
Overview @sentry/astro is an Official Sentry SDK for Astro Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by...