目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

getsentry 厂商漏洞列表 / CVE 中文分析 25

getsentry 厂商相关 25 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Sentry 提供应用性能监控与错误追踪服务,其开源项目核心用于实时捕获和聚合代码异常。历史漏洞多涉及身份验证绕过、敏感信息泄露及越权访问,累计收录 23 条 CVE。值得关注的是其近期修复的多个远程代码执行风险,凸显了复杂微服务架构下的配置管理挑战。该工具在开发者社区广泛使用,其安全更新机制对保障监控数据完整性至关重要。

18 件の結果 / 25フィルターをクリア
CVE IDタイトルCVSS深刻度公開日
CVE-2026-52794 Sentry: Inefficient Regular Expression Complexity in sentry — sentryCWE-1333 7.5 High2026-06-24
CVE-2026-42354 Sentry: Improper authentication on SAML SSO process allows user identity linking — sentryCWE-290 9.1 Critical2026-05-08
CVE-2026-26004 Sentry allows unauthorized access to event data across organizational boundaries — sentryCWE-639 4.3 -2026-03-17
CVE-2026-27197 Sentry: Improper Authentication on SAML SSO process allows user identity linking — sentryCWE-287 9.1 Critical2026-02-21
CVE-2025-53099 Sentry Missing Invalidation of Authorization Codes During OAuth Exchange and Revocation — sentryCWE-288 7.4AIHighAI2025-07-01
CVE-2025-22146 Improper authentication on SAML SSO process allows user impersonation in sentry — sentryCWE-287 9.1 Critical2025-01-15
CVE-2024-53253 Sentry's improper error handling leaks Application Integration Client Secret — sentryCWE-209 5.3 Medium2024-11-22
CVE-2024-45605 Improper authorization on deletion of user issue alert notifications in sentry — sentryCWE-639 6.5 Medium2024-09-17
CVE-2024-45606 Improper authorization on muting of alert rules in sentry — sentryCWE-639 7.1 High2024-09-17
CVE-2024-41656 Sentry vulnerable to stored Cross-Site Scripting (XSS) — sentryCWE-79 7.1 High2024-07-23
CVE-2024-35196 Slack integration leaks sensitive information in logs in Sentry — sentryCWE-532 2.0 Low2024-05-31
CVE-2024-32474 Sentry's superuser cleartext password leaked in logs — sentryCWE-312 7.3 High2024-04-18
CVE-2024-24829 SSRF in Sentry via Phabricator integration — sentryCWE-918 4.3 Medium2024-02-08
CVE-2023-39531 Sentry vulnerable to incorrect credential validation on OAuth token requests — sentryCWE-287 6.5 Medium2023-08-09
CVE-2023-39349 Sentry vulnerable to privilege escalation via ApiTokensEndpoint — sentryCWE-284 8.1 High2023-08-07
CVE-2023-36826 Sentry vulnerable to improper authorization on debug and artifact file downloads — sentryCWE-285 7.7 High2023-07-25
CVE-2023-36829 Sentry CORS misconfiguration vulnerability — sentryCWE-942 6.8 Medium2023-07-06
CVE-2022-23485 Invite code reuse via cookie manipulation in sentry — sentryCWE-269 6.4 Medium2022-12-10

本页汇总了 getsentry 厂商截至目前公开的全部 25 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。