pkg:PyPI/sentry

19 total CVEs: CRITICAL 3, HIGH 7, MEDIUM 8, LOW 1

All known vulnerabilities

  • CRITICAL 9.1, CVE-2026-42354: Sentry's improper authentication on SAML SSO process allows user identity linking
    >= 21.12.0, < 26.4.1
  • CRITICAL 9.1, CVE-2026-27197: Sentry: Improper authentication on SAML SSO process allows user identity linking
    >= 21.12.0
  • CRITICAL 9.1, CVE-2025-22146: Sentry's improper authentication on SAML SSO process allows user impersonation
    >= 21.12.0, < 25.1.0
  • HIGH 8.8, CVE-2021-47935: Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by injecting…
    from 0, <= 8.2.0
  • HIGH 8.1, CVE-2023-39349: Privilege escalation via ApiTokensEndpoint
    >= 22.1.0, < 23.7.2
  • HIGH 7.7, CVE-2023-36826: Improper authorization on debug and artifact file downloads
    >= 8.21.0, < 23.5.2
  • HIGH 7.7, CVE-2023-36826: Improper authorization on debug and artifact file downloads
    from 0, < e932b15435bf36239431eaa3790a6bcfa47046a9 | >= 8.21.0, < 23.5.2
  • HIGH 7.3, CVE-2024-32474: Sentry vulnerable to leaking superuser cleartext password in logs
    >= 24.3.0, < 24.4.1
  • HIGH 7.1, CVE-2024-45606: Sentry improperly authorizes muting of alert rules
    >= 23.4.0, < 24.9.0
  • HIGH 7.1, CVE-2024-41656: Sentry vulnerable to stored Cross-Site Scripting (XSS)
    >= 10.0.0, < 24.7.1
  • MEDIUM 6.8, CVE-2023-36829: Sentry CORS misconfiguration
    >= 23.6.0, < 23.6.2
  • MEDIUM 6.8, CVE-2023-36829: Sentry CORS misconfiguration
    from 0, < ee44c6be35e5e464bc40637580f39867898acd8b | >= 23.6.0, < 23.6.2
  • MEDIUM 6.5, CVE-2024-45605: Sentry improperly authorizes deletion of user issue alert notifications
    >= 23.9.0, < 24.9.0
  • MEDIUM 6.5, CVE-2023-39531: Sentry vulnerable to incorrect credential validation on OAuth token requests
    >= 10.0.0, < 23.7.2
  • MEDIUM 6.4, CVE-2022-23485: Sentry vulnerable to invite code reuse via cookie manipulation
    >= 20.6.0, < 22.11.0
  • MEDIUM 6.4, CVE-2022-23485: Sentry vulnerable to invite code reuse via cookie manipulation
    >= 20.6.0, < 22.11.0
  • MEDIUM 5.3, CVE-2024-53253: Sentry improper error handling leaks Application Integration Client Secret
    >= 24.11.0, < 24.11.1
  • MEDIUM 5.3, CVE-2024-53253: Sentry improper error handling leaks Application Integration Client Secret
    from 0, <= 24.11.0
  • LOW 2.0, CVE-2024-35196: Slack integration leaks sensitive information in logs
    >= 24.3.0, < 24.5.0