CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
[@sentry/aws-serverless] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/bun] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/google-cloud-serverless] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/nestjs] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/nextjs] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/nuxt] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/remix] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/solidstart] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)
[@sentry/sveltekit] Potential DoS when using ContextLines integration
Description: Impact The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (@sentry/node) and SDKs that run in Node.js environments (@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/nuxt, @sentry/remix, @sentry/solidstart, @sentry/sveltekit). Patches Users should upgrade to version 8.49.0 or higher. Workarounds To remediate this issue in affected versions without upgrading to version 8.49.0 and above you can disable the ContextLines integration. See the docs for more details. Sentry.init({ // ... integrations: function (integrations) { // integrations will be all default integrations return integrations.filter(function (integration) { return integration.name !== "ContextLines"; }); }, }); If you disable the ContextLines integration, you will lose source context on your error events. References Reported issue: https://github.com/getsentry/sentry-javascript/issues/14892 PR Fix: https://github.com/getsentry/sentry-javascript/pull/14997 References https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-r5w7-f542...
Source: Github Advisory Database (NPM)
January 28th, 2025 (5 months ago)

CVE-2024-13484
[github.com/argoproj/argo-cd/v2] ArgoCD Namespace Isolation Break
Description: A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied. References https://nvd.nist.gov/vuln/detail/CVE-2024-13484 https://access.redhat.com/security/cve/CVE-2024-13484 https://bugzilla.redhat.com/show_bug.cgi?id=2269376 https://github.com/advisories/GHSA-58fx-7v9q-3g56

CVSS: HIGH (8.2)

EPSS Score: 0.04%

Source: Github Advisory Database (Go)
January 28th, 2025 (5 months ago)