Vulnerabilities > CVE-2023-50249 - Unspecified vulnerability in Sentry Astro

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sentry

NVD

Published: 2023-12-20

Updated: 2023-12-28

Summary

Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an attacker to cause excessive computation times on the server, leading to denial of service (DoS). This vulnerability has been patched in sentry/astro version 7.87.0.

Vulnerable Configurations

Part	Description	Count
Application	Sentry Sentry Astro 7.78.0 Sentry Astro 7.79.0 Sentry Astro 7.80.0 Sentry Astro 7.80.1 Sentry Astro 7.81.0 Sentry Astro 7.81.1 Sentry Astro 7.82.0 Sentry Astro 7.83.0 Sentry Astro 7.84.0 Sentry Astro 7.85.0 Sentry Astro 7.86.0	11

Summary

Vulnerable Configurations

References