Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wt74-vp5g-qqfu
Summary
SQL Injection
A SQL injection vulnerability in image generation in Centreon allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter.
Aliases
0
alias CVE-2021-37557
Fixed_packages
0
url pkg:composer/centreon/centreon@20.4.14
purl pkg:composer/centreon/centreon@20.4.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.4.14
1
url pkg:composer/centreon/centreon@20.10.8
purl pkg:composer/centreon/centreon@20.10.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.10.8
2
url pkg:composer/centreon/centreon@21.4.2
purl pkg:composer/centreon/centreon@21.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.2
Affected_packages
0
url pkg:composer/centreon/centreon@20.10.0
purl pkg:composer/centreon/centreon@20.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-51pp-f1tx-97es
1
vulnerability VCID-au78-2fgq-yuex
2
vulnerability VCID-c444-ryqk-vqhx
3
vulnerability VCID-qrd5-6c24-auf7
4
vulnerability VCID-tq65-7cpg-gbe6
5
vulnerability VCID-wt74-vp5g-qqfu
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@20.10.0
1
url pkg:composer/centreon/centreon@21.4.0
purl pkg:composer/centreon/centreon@21.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qrd5-6c24-auf7
1
vulnerability VCID-tq65-7cpg-gbe6
2
vulnerability VCID-wt74-vp5g-qqfu
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@21.4.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37557
reference_id
reference_type
scores
0
value 0.34327
scoring_system epss
scoring_elements 0.97079
published_at 2026-06-04T12:55:00Z
1
value 0.34327
scoring_system epss
scoring_elements 0.97082
published_at 2026-06-05T12:55:00Z
2
value 0.34327
scoring_system epss
scoring_elements 0.97084
published_at 2026-06-06T12:55:00Z
3
value 0.34327
scoring_system epss
scoring_elements 0.97086
published_at 2026-06-08T12:55:00Z
4
value 0.34327
scoring_system epss
scoring_elements 0.9709
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37557
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37557
reference_id CVE-2021-37557
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-37557
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitability0.5
Weighted_severity0.3
Risk_score0.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wt74-vp5g-qqfu