
Threat and Vulnerability Intelligence Database

Description:

Impact: The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to an excessive number of open file handles on the system and potentially to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit).

Patches: Users should upgrade to version 8.49.0 or higher.

Workarounds: To remediate this issue in affected versions without upgrading to version 8.49.0 or above, you can disable the ContextLines integration. See the docs for more details.

    Sentry.init({
      // ...
      integrations: function (integrations) {
        // integrations will be all default integrations
        return integrations.filter(function (integration) {
          return integration.name !== "ContextLines";
        });
      },
    });

If you disable the ContextLines integration, you will lose source context on your error events.

References:
Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892
PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997
https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)

CVE-2024-13484

Description: A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-13484
https://access.redhat.com/security/cve/CVE-2024-13484
https://bugzilla.redhat.com/show_bug.cgi?id=2269376
https://github.com/advisories/GHSA-58fx-7v9q-3g56

CVSS: HIGH (8.2)

EPSS Score: 0.04%

Source: Github Advisory Database (Go)
January 28th, 2025 (5 months ago)
Description: Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.
Source: Dark Reading
January 28th, 2025 (5 months ago)
Description: G700 V6 RAT Full Setup Tutorial
Source: DarkWebInformer
January 28th, 2025 (5 months ago)
Description: Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. [...]
Source: BleepingComputer
January 28th, 2025 (5 months ago)

CVE-2025-0736

Description: A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-0736
https://access.redhat.com/security/cve/CVE-2025-0736
https://bugzilla.redhat.com/show_bug.cgi?id=2342233
https://github.com/advisories/GHSA-269m-c36j-r834

CVSS: MEDIUM (5.5)

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
January 28th, 2025 (5 months ago)