Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/horizon@2013.2-1?distro=trixie

Type deb

Namespace debian

Name horizon

Version 2013.2-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2013.2-2

Latest_non_vulnerable_version 3:25.7.1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-ryy7-2bu5-gbaf

vulnerability_id VCID-ryy7-2bu5-gbaf

summary

Credentials Management
The Identity v3 API in OpenStack Dashboard (Horizon) does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4471.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4471.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4471

reference_id

reference_type

scores

value	0.00181
scoring_system	epss
scoring_elements	0.39665
published_at	2026-04-01T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39813
published_at	2026-04-02T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39836
published_at	2026-04-04T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39757
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39812
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39826
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39835
published_at	2026-04-11T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39799
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39783
published_at	2026-04-13T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39833
published_at	2026-04-16T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39805
published_at	2026-04-18T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39722
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4471

reference_url	https://bugs.launchpad.net/horizon/+bug/1237989
reference_id
reference_type
scores
url	https://bugs.launchpad.net/horizon/+bug/1237989

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4471
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4471

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4471
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4471

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1023586
reference_id	1023586
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1023586

fixed_packages

url	pkg:deb/debian/horizon@2013.2-1?distro=trixie
purl	pkg:deb/debian/horizon@2013.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2013.2-1%3Fdistro=trixie

url	pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl	pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie

url	pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl	pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie

aliases CVE-2013-4471

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ryy7-2bu5-gbaf

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2013.2-1%3Fdistro=trixie

Package Instance