Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/centreon/centreon@21.10.0
purl pkg:composer/centreon/centreon@21.10.0
Next non-vulnerable version 21.10.11
Latest non-vulnerable version 22.10.15
Risk
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-1qpr-xs4n-sbbs
Aliases:
CVE-2022-42425
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18555.
21.10.11
Affected by 0 other vulnerabilities.
22.4.6
Affected by 0 other vulnerabilities.
VCID-3dn5-nxba-vucx
Aliases:
CVE-2022-42426
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18554.
21.10.11
Affected by 0 other vulnerabilities.
22.4.6
Affected by 0 other vulnerabilities.
VCID-gk71-ffk9-b7eg
Aliases:
CVE-2022-42424
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18556.
21.10.11
Affected by 0 other vulnerabilities.
22.4.6
Affected by 0 other vulnerabilities.
VCID-h3q8-arpz-pkdm
Aliases:
CVE-2022-42429
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18557.
21.10.11
Affected by 0 other vulnerabilities.
22.4.6
Affected by 0 other vulnerabilities.
VCID-th3p-eu1x-aqhc
Aliases:
CVE-2022-42428
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-18410.
21.10.11
Affected by 0 other vulnerabilities.
22.4.6
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:44:23.268491+00:00 GitLab Importer Affected by VCID-3dn5-nxba-vucx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2022-42426.yml 38.6.0
2026-06-02T04:44:23.167316+00:00 GitLab Importer Affected by VCID-h3q8-arpz-pkdm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2022-42429.yml 38.6.0
2026-06-02T04:44:22.928384+00:00 GitLab Importer Affected by VCID-1qpr-xs4n-sbbs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2022-42425.yml 38.6.0
2026-06-02T04:44:22.868138+00:00 GitLab Importer Affected by VCID-th3p-eu1x-aqhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2022-42428.yml 38.6.0
2026-06-02T04:44:22.679279+00:00 GitLab Importer Affected by VCID-gk71-ffk9-b7eg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2022-42424.yml 38.6.0