Sentry

Latest version: v23.7.1

Vulnerabilities (54)

CVE/PVE	Vulnerability ID	Advisory	Affected versions	Severity	Severity Score
PVE-2021-26125	26125	Sentry 8.2.5 and 8.3.3 fix a bug which allowed API keys more permissi…	<8.2.5 >=8.3.0,<8.3.3	HIDDEN	X.Y
CVE-2024-24829	66735	Sentry is an error tracking and performance monitoring platform. Sent…	>=9.1.0,<24.1.2	MEDIUM	5.3
CVE-2016-7401	41830	Sentry 9.0.0rc1 includes a fix for CVE-2016-7401 (backported from Dja…	<9.0.0rc1	HIGH	7.5
PVE-2021-26127	26127	Sentry 8.8 includes various security fixes related to CSRF and XSS. …	<8.8	HIDDEN	X.Y
PVE-2023-59554	59554	Sentry 8.4.1 includes a fix for a Race Condition vulnerability. http…	<8.4.1	-	-
PVE-2021-26124	26124	Sentry 8.2.4 fixes a bug which allowed a user to craft a URL which wo…	<8.2.4	HIDDEN	X.Y
PVE-2021-26123	26123	sentry before 8.2.2 has a security issue where a superuser had the ab…	<8.2.2	-	-
CVE-2023-36826	65048	Sentry is an error tracking and performance monitoring platform. Star…	>=8.21.0,<23.5.2	MEDIUM	6.5
PVE-2021-26122	26122	sentry before 8.1.5 if being run in multi-organization mode, it was p…	<8.1.5	-	-
PVE-2021-26121	26121	sentry before 8.1.4 has a security issue where a superuser had the ab…	<8.1.4	-	-
PVE-2024-99867	65553	Selected versions of Sentry are exposed to a Denial of Service (DoS) …	>=8.11,<8.15.0	-	-
PVE-2024-99873	65547	Selected versions of Sentry are vulnerable to cross-site scripting (X…	>=8.0.0rc1,<8.7.0	-	-
PVE-2021-26120	26120	Sentry 7.7.0 includes a fix for a XSS vulnerability present in tags a…	<7.7.0	HIDDEN	X.Y
PVE-2021-26118	26118	Sentry before 7.4.0 has a XSS vulnerability with tag values not being…	<7.4.0	HIDDEN	X.Y
PVE-2024-99869	65551	Various versions of Sentry are susceptible to Cross-site Scripting (X…	>=7.1.0,<7.4.0	-	-
PVE-2024-99868	65552	Certain versions of Sentry are susceptible to Denial of Service (DoS)…	>=6.4.0,<8.0.0rc2	-	-
PVE-2021-26117	26117	Sentry before 6.1.1 is vulnerable to a remote code execution exploit.…	<6.1.1	HIDDEN	X.Y
CVE-2024-32474	71926	When authenticating as a superuser to a self-hosted Sentry instance w…	>=24.3.0,<24.4.1	-	-
CVE-2024-53253	74440	Affected versions of Sentry are vulnerable to Information Exposure Th…	<24.11.1	-	-
CVE-2024-45605	73297	A critical vulnerability in Sentry affected versions allowed authenti…	>=23.9.0,<24.9.0	MEDIUM	4.3
CVE-2023-36829	71984	The Sentry API incorrectly returns the access-control-allow-credentia…	>=23.6.0,<23.6.2	MEDIUM	5.4
PVE-2024-99897	64993	Sentry is an error tracking and performance monitoring platform. Star…	>=23.6.0,<23.6.2	-	-
CVE-2024-45606	73296	A vulnerability in Sentry affected versions enables authenticated use…	>=23.4.0,<24.9.0	MEDIUM	4.3
CVE-2022-23485	52383	Sentry 22.11.0 includes a fix for CVE-2022-23485: In versions of the …	>=22.6.0,<=22.10.0	LOW	3.7
CVE-2023-39349	65049	Sentry is an error tracking and performance monitoring platform. Star…	>=22.1.0,<23.7.2	HIGH	8.1
CVE-2021-33203	41984	Sentry 21.9.0 updates its dependency "django" to version 2.2.24 to in…	<21.9.0	MEDIUM	4.9
CVE-2021-33203	43364	Sentry 21.9.0 updates its dependency 'Django' to v2.2.24 to include s…	<21.9.0	MEDIUM	4.9
CVE-2021-33571	41985	Sentry 21.9.0 updates its dependency 'Django' to v2.2.24 to include s…	<21.9.0	HIGH	7.5
CVE-2021-29060	41983	Sentry 21.6.2 updates its NPM dependency "color-string" to v1.5.5 to …	<21.6.2	MEDIUM	5.3
CVE-2021-28677	41989	Sentry 21.6.0 updates its dependency "pillow" to version 8.2.0 to inc…	<21.6.0	HIGH	7.5
CVE-2021-28678	41986	Sentry 21.6.0 updates its dependency "pillow" to version 8.2.0 to inc…	<21.6.0	MEDIUM	5.5
CVE-2021-28676	41988	Sentry 21.6.0 updates its dependency "pillow" to version 8.2.0 to inc…	<21.6.0	HIGH	7.5
CVE-2021-28675	41987	Sentry 21.6.0 updates its dependency "pillow" to version 8.2.0 to inc…	<21.6.0	MEDIUM	5.5
CVE-2020-14343	41982	Sentry 21.3.1 updates its dependency "pyyaml" to include a security f…	<21.3.1	CRITICAL	9.8
CVE-2021-28957	41981	Sentry 21.3.1 updates its dependency 'lxml' to v4.6.3 to include a se…	<21.3.1	MEDIUM	6.1
CVE-2020-8116	41970	Sentry 21.2.0 updates its dependency 'dot-prop' to a secure version.	<21.2.0	HIGH	7.3
CVE-2020-7662	41971	Sentry 21.2.0 updates its dependency "websocket-extensions" to a secu…	<21.2.0	HIGH	7.5
PVE-2022-44565	44565	Sentry 21.11.0 validates that the issue alert owner is a member of th…	<21.11.0	-	-
CVE-2020-5313	41976	Sentry 20.6.0 updates its dependency "pillow" to include security fix…	<20.6.0	HIGH	7.1
CVE-2019-19911	41980	Sentry 20.6.0 updates its dependency "pillow" to include security fix…	<20.6.0	HIGH	7.5
CVE-2020-5310	41979	Sentry 20.6.0 updates its dependency "pillow" to include security fix…	<20.6.0	HIGH	8.8
CVE-2020-5312	41977	Sentry 20.6.0 updates its dependency "pillow" to include security fix…	<20.6.0	CRITICAL	9.8
CVE-2020-5311	41978	Sentry 20.6.0 updates its dependency "pillow" to include security fix…	<20.6.0	CRITICAL	9.8
CVE-2024-41656	72350	An unsanitized payload sent by an Integration platform integration al…	>=10.0.0,<24.7.1	-	-
CVE-2023-39531	65050	Sentry is an error tracking and performance monitoring platform. Star…	>=10.0.0,<23.7.2	MEDIUM	6.8
CVE-2019-10746	41974	Sentry 10.0.0 includes a security update for its dependency "mixin-de…	<10.0.0	CRITICAL	9.8
CVE-2018-16469	41975	Sentry 10.0.0 includes a security update for its dependency "merge".	<10.0.0	HIGH	7.5
CVE-2018-14732	41972	Sentry 10.0.0 includes a security update for its dependency "webpack-…	<10.0.0	HIGH	7.5
CVE-2019-10747	41973	Sentry 10.0.0 includes a security update for its dependency "set-valu…	<10.0.0	CRITICAL	9.8
PVE-2024-99870	65550	This vulnerability impacts versions of Sentry and allows for Cross-si…	>=0,<7.0.0	-	-
PVE-2024-99872	65548	Sentry is susceptible to Cross-site Scripting (XSS) attacks due to th…	>=0,<5.4.4	-	-
PVE-2024-99871	65549	Versions of Sentry are vulnerable to Cross-site Scripting (XSS) due t…	>=0,<5.4.4	-	-
PVE-2024-99874	65546	Various versions of a software package are susceptible to a Regular E…	>=0,<22.6.0	-	-
PVE-2024-99875	65545	Affected versions of this package contain an open redirect vulnerabil…	>=0,<20.12.1	-	-