{"url":"http://public2.vulnerablecode.io/api/packages/58597?format=json","purl":"pkg:composer/centreon/centreon@21.4.2","type":"composer","namespace":"centreon","name":"centreon","version":"21.4.2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"21.4.19","latest_non_vulnerable_version":"22.10.15","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41278?format=json","vulnerability_id":"VCID-qrd5-6c24-auf7","summary":"SQL Injection\nA SQL injection vulnerability in reporting export in Centreon allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/reporting/dashboard/csvExport/csv_HostGroupLogs.php start and end parameters.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37556","reference_id":"CVE-2021-37556","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37556"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58595?format=json","purl":"pkg:composer/centreon/centreon@20.4.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/58596?format=json","purl":"pkg:composer/centreon/centreon@20.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58597?format=json","purl":"pkg:composer/centreon/centreon@21.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.2"}],"aliases":["CVE-2021-37556"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrd5-6c24-auf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41274?format=json","vulnerability_id":"VCID-tq65-7cpg-gbe6","summary":"SQL Injection\nA SQL injection vulnerability in a MediaWiki script in Centreon allows remote unauthenticated attackers to execute arbitrary SQL commands via the host_name and service_description parameters.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37558","reference_id":"CVE-2021-37558","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37558"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58595?format=json","purl":"pkg:composer/centreon/centreon@20.4.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/58596?format=json","purl":"pkg:composer/centreon/centreon@20.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58597?format=json","purl":"pkg:composer/centreon/centreon@21.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.2"}],"aliases":["CVE-2021-37558"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tq65-7cpg-gbe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41272?format=json","vulnerability_id":"VCID-wt74-vp5g-qqfu","summary":"SQL Injection\nA SQL injection vulnerability in image generation in Centreon allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37557","reference_id":"CVE-2021-37557","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37557"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58595?format=json","purl":"pkg:composer/centreon/centreon@20.4.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/58596?format=json","purl":"pkg:composer/centreon/centreon@20.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58597?format=json","purl":"pkg:composer/centreon/centreon@21.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.2"}],"aliases":["CVE-2021-37557"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wt74-vp5g-qqfu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.2"}