getsentry — Vulnerabilities & Security Advisories (24)

Browse all 24 CVE security advisories affecting getsentry. AI-powered Chinese analysis, POCs, and references for each vulnerability.

getsentry operates as an error tracking and performance monitoring platform, primarily serving developers to identify and resolve bugs in real-time applications. Its architecture, which involves complex web interfaces and extensive API integrations, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently highlight issues such as Cross-Site Scripting (XSS), insecure direct object references, and potential Remote Code Execution (RCE) vectors within its web application layer. Additionally, privilege escalation flaws have been documented, allowing unauthorized users to access sensitive data or administrative functions. These security gaps often stem from complex dependency management and intricate permission models inherent in its multi-tenant SaaS environment. While no single catastrophic breach has defined its public history, the cumulative effect of these 23 CVEs underscores the challenges of maintaining security in a rapidly evolving, feature-rich developer tool. Continuous patching and rigorous code auditing remain critical for mitigating these persistent risks.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-42354 | Sentry: Improper authentication on SAML SSO process allows user identity linking | sentry | CWE-290 | 9.1 | Critical | 2026-05-08 |
| CVE-2026-26004 | Sentry allows unauthorized access to event data across organizational boundaries | sentry | CWE-639 | 4.3 | - | 2026-03-17 |
| CVE-2026-27197 | Sentry: Improper Authentication on SAML SSO process allows user identity linking | sentry | CWE-287 | 9.1 | Critical | 2026-02-21 |
| CVE-2025-65944 | Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true` | sentry-javascript | CWE-201 | 9.9 (AI) | Critical (AI) | 2025-11-25 |
| CVE-2025-53099 | Sentry Missing Invalidation of Authorization Codes During OAuth Exchange and Revocation | sentry | CWE-288 | 7.4 (AI) | High (AI) | 2025-07-01 |
| CVE-2025-22146 | Improper authentication on SAML SSO process allows user impersonation in sentry | sentry | CWE-287 | 9.1 | Critical | 2025-01-15 |
| CVE-2024-53253 | Sentry's improper error handling leaks Application Integration Client Secret | sentry | CWE-209 | 5.3 | Medium | 2024-11-22 |
| CVE-2024-45605 | Improper authorization on deletion of user issue alert notifications in sentry | sentry | CWE-639 | 6.5 | Medium | 2024-09-17 |
| CVE-2024-45606 | Improper authorization on muting of alert rules in sentry | sentry | CWE-639 | 7.1 | High | 2024-09-17 |
| CVE-2024-41656 | Sentry vulnerable to stored Cross-Site Scripting (XSS) | sentry | CWE-79 | 7.1 | High | 2024-07-23 |
| CVE-2024-40647 | Unintentional exposure of environment variables to subprocesses in sentry-sdk | sentry-python | CWE-200 | 5.3 | Medium | 2024-07-18 |
| CVE-2024-35196 | Slack integration leaks sensitive information in logs in Sentry | sentry | CWE-532 | 2.0 | Low | 2024-05-31 |
| CVE-2024-32474 | Sentry's superuser cleartext password leaked in logs | sentry | CWE-312 | 7.3 | High | 2024-04-18 |
| CVE-2024-24829 | SSRF in Sentry via Phabricator integration | sentry | CWE-918 | 4.3 | Medium | 2024-02-08 |
| CVE-2023-51451 | SSRF in symbolicator via invalid protocol | symbolicator | CWE-918 | 4.3 | Medium | 2023-12-22 |
| CVE-2023-50249 | Sentry's Astro SDK vulnerable to ReDoS | sentry-javascript | CWE-400 | 7.5 | High | 2023-12-20 |
| CVE-2023-49094 | Symbolicator Server Side Request Forgery vulnerability | symbolicator | CWE-918 | 4.3 | Medium | 2023-11-30 |
| CVE-2023-46729 | Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint | sentry-javascript | CWE-918 | 9.3 | Critical | 2023-11-10 |
| CVE-2023-39531 | Sentry vulnerable to incorrect credential validation on OAuth token requests | sentry | CWE-287 | 6.5 | Medium | 2023-08-09 |
| CVE-2023-39349 | Sentry vulnerable to privilege escalation via ApiTokensEndpoint | sentry | CWE-284 | 8.1 | High | 2023-08-07 |
| CVE-2023-36826 | Sentry vulnerable to improper authorization on debug and artifact file downloads | sentry | CWE-285 | 7.7 | High | 2023-07-25 |
| CVE-2023-36829 | Sentry CORS misconfiguration vulnerability | sentry | CWE-942 | 6.8 | Medium | 2023-07-06 |
| CVE-2023-28117 | Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True` | sentry-python | CWE-201 | 7.6 | High | 2023-03-22 |
| CVE-2022-23485 | Invite code reuse via cookie manipulation in sentry | sentry | CWE-269 | 6.4 | Medium | 2022-12-10 |

This page lists every published CVE security advisory associated with getsentry. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.