If you've found a security issue in Sentry or in our supported SDKs, you can submit your report to security[@]sentry.io via email.
Please include as much information as possible in your report to better help us understand and resolve the issue:
- Where the security issue exists (ie. Sentry SaaS, a Sentry-supported SDK, infrastructure, etc.)
- The type of issue (ex. SQL injection, cross-site scripting, missing authorization, etc.)
- Full paths or links to the source files where the security issue exists, if possible
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof of concept or exploit code, if available
If you need to encrypt sensitive information sent to us, please use our PGP key:
E406 C27A E971 6515 A1B1 ED86 641D 2F6C 230D BE3B
Warning
Unless otherwise specified, example and sample code in our repos is unmaintained. Sample code may contain security vulnerabilities, should never be used in production, and exists only for illustrative purposes.