sentry-sdk

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting sentry-sdkpage 1 of 1

CVE-2023-28117HIGHCVSS 7.6EG 7.6✓ Fixed in 1.14.0
2023-03-22
vulnerable: 0.1.0 ... 1.9.9 (171 versions)
Sentry SDK is the official Python SDK for Sentry, real-time crash reporting software. When using the Django integration of versions prior to 1.14.0 of the Sentry SDK in a specific configuration it is possible to leak sensitive cookies valu…
CVE-2024-40647MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.45.1
2024-07-18
vulnerable: 0.1.0 ... 1.9.9 (224 versions)
sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK < 2.8.0 allows the environment variables to be passed to subprocesses despite the `env={}` setting. In Python's `subprocess` calls, all environment variables…

Check whether sentry-sdk is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for sentry-sdk CVEs against the assets you own.

Start Free Scan →