Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/centreon/centreon@2.8.28
Typecomposer
Namespacecentreon
Namecentreon
Version2.8.28
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version18.10.6
Latest_non_vulnerable_version22.10.15
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-77b1-yybs-5qe9
vulnerability_id VCID-77b1-yybs-5qe9
summary 
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter.
references
0
reference_url http://packetstormsecurity.com/files/132607/Merethis-Centreon-2.5.4-SQL-Injection-Remote-Command-Execution.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/132607/Merethis-Centreon-2.5.4-SQL-Injection-Remote-Command-Execution.html
1
reference_url https://forge.centreon.com/projects/centreon/repository/revisions/387dffdd051dbc7a234e1138a9d06f3089bb55bb
reference_id
reference_type
scores
url https://forge.centreon.com/projects/centreon/repository/revisions/387dffdd051dbc7a234e1138a9d06f3089bb55bb
2
reference_url https://github.com/centreon/centreon-archived/commit/387dffdd051dbc7a234e1138a9d06f3089bb55bb
reference_id
reference_type
scores
url https://github.com/centreon/centreon-archived/commit/387dffdd051dbc7a234e1138a9d06f3089bb55bb
3
reference_url https://github.com/centreon/centreon-archived/commit/a78c60aad6fd5af9b51a6d5de5d65560ea37a98a
reference_id
reference_type
scores
url https://github.com/centreon/centreon-archived/commit/a78c60aad6fd5af9b51a6d5de5d65560ea37a98a
4
reference_url https://github.com/centreon/centreon-archived/pull/7083
reference_id
reference_type
scores
url https://github.com/centreon/centreon-archived/pull/7083
5
reference_url https://github.com/centreon/centreon-archived/pull/7271
reference_id
reference_type
scores
url https://github.com/centreon/centreon-archived/pull/7271
6
reference_url https://web.archive.org/web/20201125112637/http://www.securityfocus.com/archive/1/535961/100/0/threaded
reference_id
reference_type
scores
url https://web.archive.org/web/20201125112637/http://www.securityfocus.com/archive/1/535961/100/0/threaded
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1561
reference_id CVE-2015-1561
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-1561
8
reference_url https://github.com/advisories/GHSA-c4fj-3wqq-g9c9
reference_id GHSA-c4fj-3wqq-g9c9
reference_type
scores
url https://github.com/advisories/GHSA-c4fj-3wqq-g9c9
fixed_packages
0
url pkg:composer/centreon/centreon@2.8.28
purl pkg:composer/centreon/centreon@2.8.28
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@2.8.28
aliases CVE-2015-1561, GHSA-c4fj-3wqq-g9c9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77b1-yybs-5qe9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@2.8.28