sentry-sdk@1.29.0 vulnerabilities

Python client for Sentry (https://sentry.io)

latest version

2.19.0
latest non vulnerable version

2.19.0
first published

6 years ago
latest version published

4 days ago
licenses detected
- MIT
  [1.16.0,)
View sentry-sdk package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the sentry-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
L Information Exposure Affected versions of this package are vulnerable to Information Exposure due to all environment variables being passed to the subprocesses when `env={}` is set. This vulnerability could lead to unintentional exposure of environment variables to subprocesses despite the `env={}` setting, unless the Sentry SDK's Stdlib integration is disabled. Note: The Stdlib integration is enabled by default. How to fix Information Exposure? Upgrade `sentry-sdk` to version 2.8.0 or higher.	[,2.8.0)

Information Exposure

Affected versions of this package are vulnerable to Information Exposure due to all environment variables being passed to the subprocesses when env={} is set. This vulnerability could lead to unintentional exposure of environment variables to subprocesses despite the env={} setting, unless the Sentry SDK's Stdlib integration is disabled.

Note:

The Stdlib integration is enabled by default.

How to fix Information Exposure?

Upgrade sentry-sdk to version 2.8.0 or higher.

[,2.8.0)

Go back to all versions of this package

sentry-sdk@1.29.0 vulnerabilities

Python client for Sentry (https://sentry.io)

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities