CNNVD-202511-2814 Information

Nov 25, 2025 cve

CNNVD ID

CNNVD-202511-2814

CVE-2025-65944

  • CNNVD Published: 2025-11-25

Description (Chinese)

Sentry是Sentry开源的一个面向开发人员的错误跟踪和性能监控平台。 Sentry 10.11.0版本至10.27.0之前版本存在安全漏洞,该漏洞源于可能发送敏感HTTP标头,可能导致权限提升。

Description (English)

Sentry is a development-oriented bug-tracking and performance-monitoring platform that is open to Sentry. There is a security loophole in the pre-Sentry 10.1.0 to 10.27.0 versions, which stems from the possibility of sending sensitive HTTP markerheads, which may lead to increased access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Sentry

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/getsentry/sentry-javascript/commit/a820fa2891fdcf985b834a5b557edf351ec54539 https://github.com/getsentry/sentry-javascript/pull/17475 https://github.com/getsentry/sentry-javascript/releases/tag/10.11.0 https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-6465-jgvq-jhgp

Patch

https://github.com/getsentry/sentry-javascript/releases

Share on: