Sentry Security Vulnerabilities and Issues — Sentry CVE List

Lucene search

GetsentrySentry

7 matches found

CVE•added 2024/05/31 6:15 p.m.•79 views

CVE-2024-35196

Sentry is a developer-first error tracking and performance monitoring platform. Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack verification token. With this verification token, it ...

2CVSS3.7AI score0.00067EPSS

CVE•added 2024/11/22 8:15 p.m.•67 views

CVE-2024-53253

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID...

5.3CVSS5.2AI score0.00092EPSS

CVE•added 2024/04/18 8:15 p.m.•56 views

CVE-2024-32474

Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the event : auth-index.validate_superuser. An attacker with access to the log data could use...

7.3CVSS6.8AI score0.0033EPSS

CVE•added 2024/09/17 8:15 p.m.•46 views

CVE-2024-45606

Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can mute alert rules from arbitrary organizations and projects with a know rule ID. The user does not need to be a member of the organization or have permissions on the project. In our review, we h...

7.1CVSS5.7AI score0.00116EPSS

CVE•added 2024/07/23 10:15 p.m.•44 views

CVE-2024-41656

Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsanitized payload sent by an Integration platform integration allows storing arbitrary HTML tags on the Sentry side with the subsequent rendering them on the Issues page. Se...

7.1CVSS6.7AI score0.0063EPSS

CVE•added 2024/09/17 8:15 p.m.•41 views

CVE-2024-45605

Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user delete the user issue alert notifications for arbitrary users given a know alert ID. A patch was issued to ensure authorization checks are properly scoped on requests to delete user alert notificat...

6.5CVSS5.4AI score0.00139EPSS

CVE•added 2024/02/09 12:15 a.m.•39 views

CVE-2024-24829

Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration (maintained by Sentry) with version

5.3CVSS5.3AI score0.00076EPSS