Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sentry allows unauthorized access to event data across organizational boundaries
Vulnerability Description
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference (IDOR) vulnerability in Sentry's GroupEventJsonView endpoint. Version 26.1.0 patches the issue.
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Sentry 安全漏洞
Vulnerability Description
Sentry是Sentry开源的一个面向开发人员的错误跟踪和性能监控平台。 Sentry 26.1.0之前版本存在安全漏洞,该漏洞源于GroupEventJsonView端点存在跨组织不安全的直接对象引用。
CVSS Information
N/A
Vulnerability Type
N/A