VIR Vulnerability Intelligence Relay

Package impact

python PyPI / sentry

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-42354 critical 9.8 9.8 19d ago Sentry's improper authentication on SAML SSO process allows user identity linking python
CVE-2021-47935 high 8.8 8.8 18d ago Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by injecting malicious pickle-serialized objects through the audit log e… python
CVE-2026-27197 unknown 1mo ago Sentry: Improper authentication on SAML SSO process allows user identity linking python
CVE-2025-22146 unknown 1y ago Sentry's improper authentication on SAML SSO process allows user impersonation python
CVE-2024-53253 unknown 2y ago Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform… python
CVE-2024-45606 unknown 2y ago Sentry improperly authorizes muting of alert rules python
CVE-2024-45605 unknown 2y ago Sentry improperly authorizes deletion of user issue alert notifications python
CVE-2024-41656 unknown 2y ago Sentry vulnerable to stored Cross-Site Scripting (XSS) python
CVE-2024-35196 unknown 2y ago Slack integration leaks sensitive information in logs python
CVE-2024-32474 unknown 2y ago Sentry vulnerable to leaking superuser cleartext password in logs python
CVE-2023-39531 unknown 3y ago Sentry vulnerable to incorrect credential validation on OAuth token requests python
CVE-2023-39349 unknown 3y ago Privilege escalation via ApiTokensEndpoint python
CVE-2023-36826 unknown 3y ago Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary o… python
CVE-2023-36829 unknown 3y ago Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true… python
CVE-2022-23485 unknown 4y ago Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allo… python