PT-2025-5645 · Sentry · @Sentry/Nuxt+9

Published: 2025-01-28 · Updated: 2025-01-28

CVSS v3.1: 3.7 (Low)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions:
@sentry/node versions prior to 8.49.0
@sentry/astro versions prior to 8.49.0
@sentry/aws-serverless versions prior to 8.49.0
@sentry/bun versions prior to 8.49.0
@sentry/google-cloud-serverless versions prior to 8.49.0
@sentry/nestjs versions prior to 8.49.0
@sentry/nextjs versions prior to 8.49.0
@sentry/nuxt versions prior to 8.49.0
@sentry/remix versions prior to 8.49.0
@sentry/solidstart versions prior to 8.49.0
@sentry/sveltekit versions prior to 8.49.0
Description: The ContextLines integration in the Node SDK uses readable streams to read files memory-efficiently, but the stream was not explicitly closed after use. This could leave an excessive number of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK and in SDKs that run in Node.js environments.
Recommendations: Upgrade to version 8.49.0 or higher. As a temporary workaround, consider disabling the ContextLines integration by filtering out the integration with the name ContextLines in the Sentry.init function, but note that this will result in losing source context on error events.
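
To act on the recommendation, the following added example (not code from Sentry or from this advisory) audits an npm lockfile for the listed packages below 8.49.0 and defines the ContextLines filter described as the workaround. It assumes a package-lock.json in the v2/v3 format with a `packages` map; the function names and the sample lockfile are constructed for illustration.

```javascript
// Added example: helper names are illustrative, not part of the Sentry SDK.
const AFFECTED = new Set(['node', 'astro', 'aws-serverless', 'bun',
  'google-cloud-serverless', 'nestjs', 'nextjs', 'nuxt', 'remix',
  'solidstart', 'sveltekit'].map((n) => `@sentry/${n}`));
const FIXED = [8, 49, 0];
// True when `version` is lower than 8.49.0. A prerelease of the fixed
// version (such as 8.49.0-beta.1) sorts below it and is reported too.
function isBeforeFix(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-.+)?/.exec(version || '');
  if (!m) return true; // unparseable version: report for manual review
  for (let i = 0; i < 3; i++) {
    const part = Number(m[i + 1]);
    if (part !== FIXED[i]) return part < FIXED[i];
  }
  return Boolean(m[4]);
}

// Walk every entry of a lockfile's "packages" map, including copies nested
// under another dependency's node_modules, and return the affected ones.
function findAffected(lock) {
  const marker = 'node_modules/';
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf(marker);
    if (idx === -1) continue; // the root project entry has key ""
    const name = path.slice(idx + marker.length);
    if (AFFECTED.has(name) && isBeforeFix(meta.version)) {
      hits.push({ path, name, version: meta.version });
    }
  }
  return hits;
}

// The advisory's temporary workaround as a filter over the default
// integrations: Sentry.init({ dsn, integrations: withoutContextLines }).
const withoutContextLines = (defaults) =>
  defaults.filter((integration) => integration.name !== 'ContextLines');
// Constructed sample lockfile (not from a real project).
const sampleLock = {
  packages: {
    '': { name: 'demo-app' },
    'node_modules/@sentry/node': { version: '8.48.0' },
    'node_modules/@sentry/nuxt': { version: '8.49.0' },
    'node_modules/@sentry/core': { version: '8.48.0' },
    'node_modules/some-lib/node_modules/@sentry/node': { version: '7.120.3' },
  },
};
console.log(findAffected(sampleLock));
```

Nested copies matter here because a transitive dependency can pin an older SDK even after the top-level package has been upgraded.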

Related Identifiers

GHSA-R5W7-F542-Q2J4

Affected Products

@Sentry/Astro
@Sentry/Aws-Serverless
@Sentry/Bun
@Sentry/Google-Cloud-Serverless
@Sentry/Nestjs
@Sentry/Node
@Sentry/Nuxt
@Sentry/Remix
@Sentry/Solidstart
@Sentry/Sveltekit