centreon/centreon vulnerabilities

licenses detected
- GPL-2.0
  >=2.99.1
- Apache-2.0
  >=2.7.3, <2.99.1

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the centreon/centreon package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H SQL Injection	<22.10.24 >=23.0.0, <23.4.21 >=23.5.0, <23.10.16 >=24.0.0, <24.4.6
H SQL Injection	<22.10.24 >=23.0.0, <23.4.21 >=23.5.0, <23.10.16 >=24.0.0, <24.4.6
H Arbitrary Command Injection	<2.8.28
M Cross-site Scripting (XSS)	<18.10.6
C Arbitrary Code Execution	>=0.0.0
H Access Restriction Bypass	<22.10.0
M SQL Injection	<22.10.0-beta1
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	<21.4.16 >=21.10.0-beta.1, <21.10.8 >=22.4.0-beta.1, <22.4.1
M SQL Injection	<21.4.16 >=21.10.0-beta.1, <21.10.8 >=22.4.0-beta.1, <22.4.1
M Cross-site Scripting (XSS)	<21.10.9 >=22.04.0, <22.04.3
H SQL Injection	<21.4.16 >=21.10.0-beta.1, <21.10.8 >=22.4.0-beta.1, <22.4.1
M Information Exposure	<21.4.16 >=21.10.0-beta.1, <21.10.8 >=22.4.0-beta.1, <22.4.1
H Command Injection	>=19.10.0, <20.4.0-beta.1 >=19.4.0, <19.4.15
H SQL Injection	>=21.4.0, <21.4.2 >=20.10.0, <20.10.8 <20.4.14
H SQL Injection	>=21.4.0, <21.4.2 >=20.10.0, <20.10.8 <20.4.14
H SQL Injection	>=21.4.0, <21.4.2 >=20.10.0, <20.10.8 <20.4.14
H Arbitrary Code Execution	>=19.0.0, <19.4.5 >=18.10.0, <18.10.8 <2.8.30
M Cross-site Scripting (XSS)	<20.4.13
H SQL Injection	<20.4.13
M Cross-site Scripting (XSS)	<21.4.0
H Cross-Site Request Forgery (CSRF)	<2.8.37 >=20.10, <20.10.7 >=20.4, <20.4.13 >=19.10, <19.10.23
M SQL Injection	<2.8.37 >=21.4, <21.4.1 >=20.10, <20.10.7 >=20.4, <20.4.13 >=19.10, <19.10.23
M Cross-site Scripting (XSS)	>=0.0.0, <1.6.4 >=18.10.0, <18.10.5 >=19.4.0, <19.4.3 >=19.10.0-beta.1, <19.10.2
M Cross-site Scripting (XSS)	>=0.0.0, <1.6.4 >=18.10.0, <18.10.5 >=19.4.0, <19.4.3 >=19.10.0-beta.1, <19.10.2
L Authentication Bypass	<19.10.7
H Arbitrary Command Execution	<19.4.15
H Improper Privilege Management	<19.10.13
M Open Redirect	<19.4.5
M Local File Inclusion	<19.4.5
M Command Injection	<19.4.5
M Information Exposure	>=18.10.6, <18.10.8 >=19.10.0, <19.10.2 >=19.04.2, <19.04.5
H SQL Injection	>=19.10.0, <19.10.2 >=19.4.0, <19.4.5 >=18.10.0, <18.10.8 <2.8.30
M Information Exposure	>=19.10.0, <19.10.2 >=19.4.0, <19.4.5 <18.10.8
M Information Exposure	>=18.10.6, <18.10.9 >=19.10.0, <19.10.3 >=19.04.2, <19.04.7
M Authentication Bypass	>=19.10.0, <19.10.2 <19.4.5
H SQL Injection	>=19.10.0, <19.10.2 >=19.4.0, <19.4.5 >=18.10.0, <18.10.8 >=2.8.0, <2.8.30
M Command Injection	>=19.10.0, <19.10.2 >=18.10.0, <18.10.8 >=2.8.0, <2.8.30 >=19.4.0, <19.4.5
C Cross-site Scripting (XSS)	>=18.10.6, <18.10.8 >=19.4.2, <19.4.5 >=2.7.3, <2.8.30
H Remote Code Execution (RCE)	>=0.0.0
H SQL Injection	>=2.8.0, <2.8.28 >=18.10.0, <18.10.4
M Information Exposure	>=20.10.0, <20.10.3 >=20.4.0, <20.4.9 >=19.10.0, <19.10.19
H Cross-site Scripting (XSS)	>=2.8.0, <2.8.28 >=18.10.0, <18.10.5
H Arbitrary File Upload	>=18.10.0, <18.10.4
H Remote Code Execution (RCE)	>=2.8.0, <2.8.27 >=18.10.0, <18.10.4
M Use of Insufficiently Random Values	>=2.8.0, <18.10.5
H SQL Injection	>=2.8.0, <2.8.27 >=18.10.0, <18.10.4
M Authentication Bypass	>=2.8.0, <2.8.28 >=18.10.0, <18.10.4
M Remote Code Execution	>=2.8.0, <2.8.28 >=18.10.0, <18.10.4
H Privilege Escalation	<19.4.17
C SQL Injection	<19.10.0-rc.1
H Arbitrary Command Execution	<19.10.0
H SQL Injection	>=18.10.0, <18.10.5 >=2.8.0, <2.8.28

centreon/centreon vulnerabilities

licenses detected

Direct Vulnerabilities