sentry

31 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2021-47935
all versions
Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by
8.8 HIGH
CVE-2026-42354
>= 21.12.0 and < 26.4.1
Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerabili
9.1 CRITICAL
CVE-2026-26004
< 26.1.0
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Ins
6.5 MEDIUM
CVE-2026-27197
>= 21.12.0 and < 26.2.0
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulner
9.1 CRITICAL
CVE-2025-53099
< 25.5.0
Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious
7.5 HIGH
CVE-2024-53253
all versions
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a sce
5.3 MEDIUM
CVE-2024-48743
all versions
Cross Site Scripting vulnerability in Sentry v.6.0.9 allows a remote attacker to execute arbitrary code via the z parameter.
6.5 MEDIUM
CVE-2024-10276
all versions
A vulnerability has been found in Telestream Sentry 6.0.9 and classified as problematic. Affected by this vulnerability is an unkn
3.5 LOW
CVE-2024-45606
>= 23.4.0 and < 24.9.0
Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can mute alert rules from ar
7.1 HIGH
CVE-2024-45605
>= 23.9.0 and < 24.9.0
Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can delete the user issue alert
6.5 MEDIUM
CVE-2024-41656
>= 10.0.0 and < 24.7.1
Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsani
7.1 HIGH
CVE-2024-32474
>= 24.3.0 and < 24.4.1
Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry wit
7.3 HIGH
CVE-2024-24829
>= 9.1.0 and < 24.1.2
Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external servi
4.3 MEDIUM
CVE-2023-51451
>= 0.3.3 and < 23.12.1
Symbolicator is a service used in Sentry. Starting in Symbolicator version 0.3.3 and prior to version 21.12.1, an attacker could m
4.3 MEDIUM
CVE-2023-50249
>= 7.78.0 and < 7.87.0
Sentry-Javascript provides the official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been id
7.5 HIGH
CVE-2023-49094
>= 0.3.3 and < 23.11.2
Symbolicator is a symbolication service for native stacktraces and minidumps with symbol server support. An attacker could make Sy
4.3 MEDIUM
CVE-2023-46729
>= 7.26.0 and < 7.77.0
sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP req
9.3 CRITICAL
CVE-2023-39531
>= 10.0.0 and < 23.7.2
Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 23.7.2, an attack
6.5 MEDIUM
CVE-2023-39349
>= 22.1.0 and < 23.7.2
Sentry is an error tracking and performance monitoring platform. Starting in version 22.1.0 and prior to version 23.7.2, an attack
8.1 HIGH
CVE-2023-36826
>= 8.21.0 and < 23.5.2
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authen
7.7 HIGH
CVE-2023-36829
>= 23.6.0 and < 23.6.2
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentr
6.8 MEDIUM
CVE-2023-28117
< 1.14.0
Sentry SDK is the official Python SDK for Sentry, real-time crash reporting software. When using the Django integration of version
7.6 HIGH
CVE-2022-23485
>= 20.6.0 and <= 22.10.0
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an atta
6.4 MEDIUM
CVE-2020-8887
< 10.7.5
Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated
7.5 HIGH
CVE-2020-15507
<= 10.6
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,
7.5 HIGH
CVE-2020-15506
<= 10.6
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2,
9.8 CRITICAL
CVE-2020-15505
>= 9.7.0 and < 9.7.3
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2,
9.8 CRITICAL
CVE-2013-7287
< 5.0
MobileIron VSP < 5.9.1 and Sentry < 5.0 have an insecure encryption scheme.
9.8 CRITICAL
CVE-2014-1409
< 5.0
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML
9.1 CRITICAL
CVE-2018-8028
< 2.0.1
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can
8.8 HIGH
CVE-2016-0760
all versions
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary
8.8 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin