FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

py39-sentry-sdk -- sensitive cookies leak

Affected packages
py39-sentry-sdk < 1.14.0


VuXML ID 15dae5cc-9ee6-4577-a93e-2ab57780e707
Discovery 2023-03-21
Entry 2023-04-09

Tom Wolters reports:

When using the Django integration of the Sentry SDK in a specific configuration it is possible to leak sensitive cookies values, including the session cookie to Sentry.

These sensitive cookies could then be used by someone with access to your Sentry issues to impersonate or escalate their privileges within your application.


CVE Name CVE-2023-28117