Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/centreon/centreon@21.10.0
Typecomposer
Namespacecentreon
Namecentreon
Version21.10.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version21.10.11
Latest_non_vulnerable_version22.10.15
Affected_by_vulnerabilities
0
url VCID-2yzr-z6rz-xyfq
vulnerability_id VCID-2yzr-z6rz-xyfq
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18556.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42424
reference_id
reference_type
scores
0
value 0.64892
scoring_system epss
scoring_elements 0.98489
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42424
1
reference_url https://www.zerodayinitiative.com/advisories/ZDI-22-1395/
reference_id
reference_type
scores
url https://www.zerodayinitiative.com/advisories/ZDI-22-1395/
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42424
reference_id CVE-2022-42424
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-42424
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.11
purl pkg:composer/centreon/centreon@21.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.11
1
url pkg:composer/centreon/centreon@22.4.6
purl pkg:composer/centreon/centreon@22.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.6
aliases CVE-2022-42424
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yzr-z6rz-xyfq
1
url VCID-7jtg-kvwb-6few
vulnerability_id VCID-7jtg-kvwb-6few
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18555.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42425
reference_id
reference_type
scores
0
value 0.64892
scoring_system epss
scoring_elements 0.98489
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42425
1
reference_url https://www.zerodayinitiative.com/advisories/ZDI-22-1396/
reference_id
reference_type
scores
url https://www.zerodayinitiative.com/advisories/ZDI-22-1396/
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42425
reference_id CVE-2022-42425
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-42425
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.11
purl pkg:composer/centreon/centreon@21.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.11
1
url pkg:composer/centreon/centreon@22.4.6
purl pkg:composer/centreon/centreon@22.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.6
aliases CVE-2022-42425
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jtg-kvwb-6few
2
url VCID-apev-ttxj-ckd9
vulnerability_id VCID-apev-ttxj-ckd9
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18557.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42429
reference_id
reference_type
scores
0
value 0.59384
scoring_system epss
scoring_elements 0.98276
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42429
1
reference_url https://www.zerodayinitiative.com/advisories/ZDI-22-1394/
reference_id
reference_type
scores
url https://www.zerodayinitiative.com/advisories/ZDI-22-1394/
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42429
reference_id CVE-2022-42429
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-42429
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.11
purl pkg:composer/centreon/centreon@21.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.11
1
url pkg:composer/centreon/centreon@22.4.6
purl pkg:composer/centreon/centreon@22.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.6
aliases CVE-2022-42429
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apev-ttxj-ckd9
3
url VCID-b6ca-xndf-h3bt
vulnerability_id VCID-b6ca-xndf-h3bt
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18554.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42426
reference_id
reference_type
scores
0
value 0.58996
scoring_system epss
scoring_elements 0.9826
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42426
1
reference_url https://www.zerodayinitiative.com/advisories/ZDI-22-1397/
reference_id
reference_type
scores
url https://www.zerodayinitiative.com/advisories/ZDI-22-1397/
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42426
reference_id CVE-2022-42426
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-42426
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.11
purl pkg:composer/centreon/centreon@21.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.11
1
url pkg:composer/centreon/centreon@22.4.6
purl pkg:composer/centreon/centreon@22.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.6
aliases CVE-2022-42426
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ca-xndf-h3bt
4
url VCID-gxmk-ucjj-cbaf
vulnerability_id VCID-gxmk-ucjj-cbaf
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18410.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42428
reference_id
reference_type
scores
0
value 0.58996
scoring_system epss
scoring_elements 0.9826
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42428
1
reference_url https://www.zerodayinitiative.com/advisories/ZDI-22-1399/
reference_id
reference_type
scores
url https://www.zerodayinitiative.com/advisories/ZDI-22-1399/
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42428
reference_id CVE-2022-42428
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-42428
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.11
purl pkg:composer/centreon/centreon@21.10.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.11
1
url pkg:composer/centreon/centreon@22.4.6
purl pkg:composer/centreon/centreon@22.4.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.6
aliases CVE-2022-42428
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxmk-ucjj-cbaf
5
url VCID-qhuy-mg5k-zufu
vulnerability_id VCID-qhuy-mg5k-zufu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40043
reference_id
reference_type
scores
0
value 0.00827
scoring_system epss
scoring_elements 0.74795
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40043
1
reference_url https://github.com/centreon/centreon/commit/1a6ee0e9a003ac4f07dc8c370aec6e8911279358
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/1a6ee0e9a003ac4f07dc8c370aec6e8911279358
2
reference_url https://github.com/centreon/centreon/commit/76fdfba312515656419a1311a83adfb11a73199f
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/76fdfba312515656419a1311a83adfb11a73199f
3
reference_url https://github.com/centreon/centreon/commit/cee5d3b0b0077182dfced5fb1d216a4ac168c05f
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/cee5d3b0b0077182dfced5fb1d216a4ac168c05f
4
reference_url https://github.com/centreon/centreon/releases
reference_id
reference_type
scores
url https://github.com/centreon/centreon/releases
5
reference_url https://www.hakaioffensivesecurity.com/centreon-sqli-and-xss-vulnerability/
reference_id
reference_type
scores
url https://www.hakaioffensivesecurity.com/centreon-sqli-and-xss-vulnerability/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40043
reference_id CVE-2022-40043
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-40043
7
reference_url https://github.com/advisories/GHSA-25gv-wg6f-6frp
reference_id GHSA-25gv-wg6f-6frp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-25gv-wg6f-6frp
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.8
purl pkg:composer/centreon/centreon@21.10.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.8
1
url pkg:composer/centreon/centreon@22.4.2
purl pkg:composer/centreon/centreon@22.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xpmk-svkc-zqfv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.2
aliases CVE-2022-40043, GHSA-25gv-wg6f-6frp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhuy-mg5k-zufu
6
url VCID-y6ax-bsqh-5kcr
vulnerability_id VCID-y6ax-bsqh-5kcr
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40044
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.3717
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40044
1
reference_url https://github.com/centreon/centreon/commit/1a6ee0e9a003ac4f07dc8c370aec6e8911279358
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/1a6ee0e9a003ac4f07dc8c370aec6e8911279358
2
reference_url https://github.com/centreon/centreon/commit/76fdfba312515656419a1311a83adfb11a73199f
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/76fdfba312515656419a1311a83adfb11a73199f
3
reference_url https://github.com/centreon/centreon/commit/cee5d3b0b0077182dfced5fb1d216a4ac168c05f
reference_id
reference_type
scores
url https://github.com/centreon/centreon/commit/cee5d3b0b0077182dfced5fb1d216a4ac168c05f
4
reference_url https://github.com/centreon/centreon/releases
reference_id
reference_type
scores
url https://github.com/centreon/centreon/releases
5
reference_url https://www.hakaioffensivesecurity.com/centreon-sqli-and-xss-vulnerability/
reference_id
reference_type
scores
url https://www.hakaioffensivesecurity.com/centreon-sqli-and-xss-vulnerability/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40044
reference_id CVE-2022-40044
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-40044
7
reference_url https://github.com/advisories/GHSA-rv5q-72p2-2q24
reference_id GHSA-rv5q-72p2-2q24
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv5q-72p2-2q24
fixed_packages
0
url pkg:composer/centreon/centreon@21.10.8
purl pkg:composer/centreon/centreon@21.10.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.8
1
url pkg:composer/centreon/centreon@22.4.1
purl pkg:composer/centreon/centreon@22.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@22.4.1
aliases CVE-2022-40044, GHSA-rv5q-72p2-2q24
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6ax-bsqh-5kcr
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.10.0