@tuntoja tuntoja commented Aug 20, 2025

Release 20250800

tuntoja and others added 24 commits July 7, 2025 17:36
Co-authored-by: Jochen Platzgummer <jochen.platzgummer@pgum.eu>

Refs: CTOR-1786
Co-authored-by: Sophie Depassio <sdepassio@centreon.com>
because ApplicationInsights fatpacked plugin (and others) lacked a module

Refs: CTOR-1193
* Fix cluster-name filter to support regexp
* Improve error message

Refs: CTOR-1784
Refs: CTOR-1512

Co-authored-by: Roman Morandell <46994680+rmorandell-pgum@users.noreply.github.com>
Co-authored-by: pkippes <pkippes@centreon.com>
…scovery module (#5639)

Refs: CTOR-1200

Co-authored-by: Evan-Adam <152897682+Evan-Adam@users.noreply.github.com>
…and fix notification output (#5388)

Refs: MON-155920
…certs and key parameters (#5674)

Co-authored-by: Mathias Top <mathias.top@epitech.eu>
…onent option not functional (#5678)

Co-authored-by: Lucie Dubrunfaut <ldubrunfaut@CNTR-PORT-A198.localdomain>
…ption to ignore acknowledge messages (#5700)

Co-authored-by: garnier-quentin <garnier.quentin@gmail.com>
Co-authored-by: pkippes <pkippes@centreon.com>
…g latencetech restapi (#5706)

Co-authored-by: thibaults-centreon <tscheitenberger@centreon.com>
Co-authored-by: omercier <32134301+omercier@users.noreply.github.com>
@tuntoja tuntoja requested review from a team as code owners August 20, 2025 07:30
@tuntoja tuntoja requested review from kduret and scresto31 August 20, 2025 07:30
@github-actions
Checkmarx One – Scan Summary & Details
548884a1-754b-4993-bd9e-f4747071436f

New Issues (162)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
CRITICAL Second_Order_SQL_Injection /src/database/oracle/mode/tablespaceusage.pm: 557
Details: Method at line 557 of /src/database/oracle/mode/tablespaceusage.pm gets database data from the query element. This element’s value then flows th...
ID: vFJMNsEHt054ihGmFzOtIpMztnw%3D
CRITICAL Second_Order_SQL_Injection /src/apps/centreon/sql/mode/multiservices.pm: 380
Details: Method at line 380 of /src/apps/centreon/sql/mode/multiservices.pm gets database data from the query element. This element’s value then flows th...
ID: 8Z6OAEyu2%2By7bp%2BbhDi0F%2Bgh4a4%3D
CRITICAL Second_Order_SQL_Injection /src/apps/centreon/sql/mode/multiservices.pm: 445
Details: Method at line 445 of /src/apps/centreon/sql/mode/multiservices.pm gets database data from the query element. This element’s value then flows th...
ID: 0cV2Quw0hUmDu8ka%2FwNv7sEokXY%3D
CRITICAL Second_Order_SQL_Injection /src/database/oracle/mode/tablespaceusage.pm: 265
Details: Method at line 265 of /src/database/oracle/mode/tablespaceusage.pm gets database data from the query element. This element’s value then flows th...
ID: QhaT8l0BVd3oVl0CqaE6R%2Bi9VoY%3D
CRITICAL Second_Order_SQL_Injection /src/centreon/common/protocols/sql/mode/collection.pm: 219
Details: Method at line 219 of /src/centreon/common/protocols/sql/mode/collection.pm gets database data from the query element. This element’s value then...
ID: 9MQk1%2BeRi3nX8gEPvG6gQQ8bJ48%3D
CRITICAL Second_Order_SQL_Injection /src/apps/backup/arcserve/udp/mssql/mode/jobstatus.pm: 155
Details: Method at line 155 of /src/apps/backup/arcserve/udp/mssql/mode/jobstatus.pm gets database data from the query element. This element’s value then...
ID: AnFpKKTlU2iBdTQEN6KwIK11ihs%3D
MEDIUM CVE-2025-53864 Maven-com.google.code.gson:gson-2.8.9
Details:
Recommended version: 2.12.0
Description: Connect2id Nimbus JOSE + JWT allows a remote attacker to cause a Denial-of-Service (DoS) via a deeply nested JSON object supplied in a JWT claim se...
Attack Vector: NETWORK
Attack Complexity: LOW
ID: T5pZPVHeiL5uo9f9FmxhpSe%2Br4mBXuq7GgtwlbAMvaw%3D
MEDIUM Privacy_Violation /tests/cpan-libraries/json-path.pl: 13
Details: Method at line 13 of /tests/cpan-libraries/json-path.pl sends user information outside the application. This may constitute a Privacy Violation.
ID: TlskuLoh7%2BEEklvY%2BQNyXvLPL7s%3D
MEDIUM Privacy_Violation /connectors/vmware/src/centreon/script/centreon_vmware.pm: 282
Details: Method at line 282 of /connectors/vmware/src/centreon/script/centreon_vmware.pm sends user information outside the application. This may consti...
ID: 8TPFByfYSodLQfc9xC8W6B0ZcNE%3D
MEDIUM Privacy_Violation /connectors/vmware/src/centreon/script/centreon_vmware.pm: 270
Details: Method at line 270 of /connectors/vmware/src/centreon/script/centreon_vmware.pm sends user information outside the application. This may consti...
ID: E2cM7vBDc8rtDe5BIPv41Pop%2BaI%3D
MEDIUM Privacy_Violation /tests/cpan-libraries/json-path.pl: 12
Details: Method at line 12 of /tests/cpan-libraries/json-path.pl sends user information outside the application. This may constitute a Privacy Violation.
ID: MH6Oehm0PUKoLYjUP0X%2Fn3AwSEI%3D
MEDIUM Privacy_Violation /tests/cpan-libraries/json-path.pl: 11
Details: Method at line 11 of /tests/cpan-libraries/json-path.pl sends user information outside the application. This may constitute a Privacy Violation.
ID: %2FzxRGKuvTL4r3V4NkYb87Jzp85w%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/paws.pm: 107
Details: Method at line 107 of /src/cloud/aws/custom/paws.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: PojktvF%2BOw%2F7H6XfppPRQvZWbQU%3D
MEDIUM Privacy_Violation /tests/cpan-libraries/json-path.pl: 10
Details: Method at line 10 of /tests/cpan-libraries/json-path.pl sends user information outside the application. This may constitute a Privacy Violation.
ID: ST9ruLup6MNiPC6W%2BP80BwJ7YF0%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/paws.pm: 110
Details: Method at line 110 of /src/cloud/aws/custom/paws.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: 9ct%2B2FSNYF%2BxZGo%2FoYGGz7yA0%2BY%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 210
Details: Method at line 210 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: z%2BRNopWUKdVrsws4Xo91KNWG22g%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 212
Details: Method at line 212 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: BT02F05T%2BswcS6KSPYLVSJDsQ3U%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 211
Details: Method at line 211 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: sq9jP8f%2FzmqQ2Ul9tDnVI2Vjz08%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 127
Details: Method at line 127 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: wUcbn7Q1ZUJd%2BEy3W%2FnuEu3pkYU%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 124
Details: Method at line 124 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: QgjWkVzwfuRzBDAq5Cy1YyKFyvk%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 124
Details: Method at line 124 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: VZnL4Wzc6n9FH3m8Atdqg8%2FjmVU%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 127
Details: Method at line 127 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: bZb2kjlARFvuCZ%2Bgapbg%2Ffjc1Zc%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/awscli.pm: 124
Details: Method at line 124 of /src/cloud/aws/custom/awscli.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: VeN9DLk0VFm7svT%2B31WRvzDCK%2Fk%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/paws.pm: 110
Details: Method at line 110 of /src/cloud/aws/custom/paws.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: RZIcJb0K9hK7A8m4tZrPT4aNCdw%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/paws.pm: 107
Details: Method at line 107 of /src/cloud/aws/custom/paws.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: i2ygI6PmxJBGIjjfGyWbGolIedM%3D
MEDIUM Privacy_Violation /src/cloud/aws/custom/paws.pm: 107
Details: Method at line 107 of /src/cloud/aws/custom/paws.pm sends user information outside the application. This may constitute a Privacy Violation.
ID: dCdE9AYCzcRydbADxFIv0Qnlt3E%3D
MEDIUM Resource_Injection /connectors/vmware/src/centreon/script/centreon_vmware.pm: 669
Details: The application's method, at line 669 of /connectors/vmware/src/centreon/script/centreon_vmware.pm, opens a resource using potentially tainted v...
ID: chH3WKuVfLVePFXTKMYH4mHcnbA%3D
MEDIUM Use_Of_Hardcoded_Password /src/centreon/plugins/backend/ssh/libssh.pm: 88
Details: The application uses the hard-coded password "SSH_AUTH_SUCCESS" for authentication purposes, either using it to verify users' identities, or to ...
ID: 8d3T%2Bhjc1KYSOSK5fKFatkoJ7UA%3D
MEDIUM Use_Of_Hardcoded_Password /tests/cpan-libraries/libssh-session.pl: 83
Details: The application uses the hard-coded password "testpassword" for authentication purposes, either using it to verify users' identities, or to access...
ID: mjRUMZYj7vtxogYyLcMXq4NZXAg%3D
MEDIUM Use_Of_Hardcoded_Password /tests/cpan-libraries/crypt-argon2.pl: 8
Details: The application uses the hard-coded password "my_secure_password" for authentication purposes, either using it to verify users' identities, or t...
ID: bdJ1F%2FaBwrWdbYRanXgHR8Rqf2k%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /src/network/forcepoint/sdwan/snmp/mode/droppedpackets.pm: 100
Details: In , the application protects sensitive data using a cryptographic algorithm, md5_hex, that is considered weak or even trivially broken, in /src/n...
ID: 4wDmNMh%2BLRIgNBtKEDKStIFOST4%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /src/network/forcepoint/sdwan/snmp/mode/rejectedpackets.pm: 99
Details: In , the application protects sensitive data using a cryptographic algorithm, md5_hex, that is considered weak or even trivially broken, in /src/n...
ID: fNVp4utwvzyk6PhmBEjnOefAkF8%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /src/network/forcepoint/sdwan/snmp/mode/rejectedpackets.pm: 100
Details: In , the application protects sensitive data using a cryptographic algorithm, md5_hex, that is considered weak or even trivially broken, in /src/n...
ID: rrN8s7u%2BWCaskMQ466oDD0H8OTQ%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /src/network/forcepoint/sdwan/snmp/mode/droppedpackets.pm: 99
Details: In , the application protects sensitive data using a cryptographic algorithm, md5_hex, that is considered weak or even trivially broken, in /src/n...
ID: 0N1PGsAnvguFztajtMTUTc3JvG4%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /tests/scripts/slim_walk.pl: 225
Details: In , the application protects sensitive data using a cryptographic algorithm, md5, that is considered weak or even trivially broken, in /tests/scri...
ID: 2YtZ9SUn2TAuxEvMvG7Qiz2cDHE%3D
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /src/storage/purestorage/flasharray/v2/restapi/custom/api.pm: 124
Details: In , the application protects sensitive data using a cryptographic algorithm, md5_hex, that is considered weak or even trivially broken, in /src/s...
ID: b%2BinRoFaGA7qerilFg8R4P3B1nE%3D

More results are available on the CxOne platform

Fixed Issues (24)
Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 27
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 21
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 20
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 52
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 54
MEDIUM Dangerous_Functions /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 49
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /as400/connector.as400/src/main/java/com/centreon/connector/as400/utils/BlowFishUtils.java: 66
MEDIUM Use_of_Broken_or_Risky_Cryptographic_Algorithm /as400/connector.as400/src/main/java/com/centreon/connector/as400/utils/BlowFishUtils.java: 74
MEDIUM Use_of_Hard_coded_Cryptographic_Key /as400/connector.as400/src/main/java/com/centreon/connector/as400/utils/BlowFishUtils.java: 35
MEDIUM Use_of_Hard_coded_Cryptographic_Key /as400/connector.as400/src/main/java/com/centreon/connector/as400/utils/BlowFishUtils.java: 35
LOW Heap_Inspection /as400/connector.as400/src/main/java/com/centreon/connector/as400/parser/OptionFactory.java: 55
LOW Heap_Inspection /as400/connector.as400/src/main/java/com/centreon/connector/as400/daemon/MapIdentityManager.java: 75
LOW Heap_Inspection /as400/connector.as400/src/main/java/com/centreon/connector/as400/daemon/MapIdentityManager.java: 76
LOW Heap_Inspection /dependencies/perl-filesys-smbclient/src/libauthSamba.c: 6
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65
LOW Permissive_Regular_Expression /src/centreon/common/powershell/exchange/powershell.pm: 65

@tuntoja tuntoja merged commit f7483dc into master Aug 20, 2025
139 of 141 checks passed
@pkippes pkippes deleted the release-20250800 branch September 17, 2025 07:19