{"url":"http://public2.vulnerablecode.io/api/packages/57028?format=json","purl":"pkg:composer/centreon/centreon@3.4.9","type":"composer","namespace":"centreon","name":"centreon","version":"3.4.9","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"18.10.6","latest_non_vulnerable_version":"22.10.15","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40447?format=json","vulnerability_id":"VCID-6asm-nwp7-4fgk","summary":"Cross-site Scripting\nCentreon is vulnerable to XSS via the resource name or macro expression of a poller macro.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19280","reference_id":"CVE-2018-19280","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19280"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19280"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6asm-nwp7-4fgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40455?format=json","vulnerability_id":"VCID-b675-z44g-byfs","summary":"Centreon allows SQL Injection via the `searchVM` parameter.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19312","reference_id":"CVE-2018-19312","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19312"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19312"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b675-z44g-byfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40454?format=json","vulnerability_id":"VCID-fq3k-tpny-f3b1","summary":"Cross-site Scripting\nCentreon allows XSS via the Service field to the URI.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19311","reference_id":"CVE-2018-19311","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19311"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19311"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq3k-tpny-f3b1"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@3.4.9"}