Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/horizon@3:9.0.1-2?distro=trixie
Typedeb
Namespacedebian
Namehorizon
Version3:9.0.1-2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3:10.0.1-1
Latest_non_vulnerable_version3:25.7.1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-t697-h44p-k3hq
vulnerability_id VCID-t697-h44p-k3hq
summary 
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1268
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1268
1
reference_url https://access.redhat.com/errata/RHSA-2016:1269
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1269
2
reference_url https://access.redhat.com/errata/RHSA-2016:1270
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1270
3
reference_url https://access.redhat.com/errata/RHSA-2016:1271
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1271
4
reference_url https://access.redhat.com/errata/RHSA-2016:1272
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1272
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4428.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4428.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4428
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68525
published_at 2026-04-01T12:55:00Z
1
value 0.0057
scoring_system epss
scoring_elements 0.68592
published_at 2026-04-13T12:55:00Z
2
value 0.0057
scoring_system epss
scoring_elements 0.68622
published_at 2026-04-12T12:55:00Z
3
value 0.0057
scoring_system epss
scoring_elements 0.68634
published_at 2026-04-11T12:55:00Z
4
value 0.0057
scoring_system epss
scoring_elements 0.68609
published_at 2026-04-09T12:55:00Z
5
value 0.0057
scoring_system epss
scoring_elements 0.68591
published_at 2026-04-08T12:55:00Z
6
value 0.0057
scoring_system epss
scoring_elements 0.6854
published_at 2026-04-07T12:55:00Z
7
value 0.0057
scoring_system epss
scoring_elements 0.68562
published_at 2026-04-04T12:55:00Z
8
value 0.0057
scoring_system epss
scoring_elements 0.68544
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4428
7
reference_url https://bugs.launchpad.net/horizon/+bug/1567673
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1567673
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1343982
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1343982
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a
13
reference_url https://github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb
14
reference_url https://github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4
15
reference_url https://review.openstack.org/329996
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329996
16
reference_url https://review.openstack.org/329997
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329997
17
reference_url https://review.openstack.org/329998
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329998
18
reference_url https://security.openstack.org/ossa/OSSA-2016-010.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-010.html
19
reference_url http://www.debian.org/security/2016/dsa-3617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3617
20
reference_url http://www.openwall.com/lists/oss-security/2016/06/17/4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/17/4
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828967
reference_id 828967
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828967
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
33
reference_url https://access.redhat.com/security/cve/CVE-2016-4428
reference_id CVE-2016-4428
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2016-4428
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4428
reference_id CVE-2016-4428
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4428
35
reference_url https://github.com/advisories/GHSA-grm6-x6mr-q3cv
reference_id GHSA-grm6-x6mr-q3cv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-grm6-x6mr-q3cv
36
reference_url https://usn.ubuntu.com/3447-1/
reference_id USN-3447-1
reference_type
scores
url https://usn.ubuntu.com/3447-1/
fixed_packages
0
url pkg:deb/debian/horizon@3:9.0.1-2?distro=trixie
purl pkg:deb/debian/horizon@3:9.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:9.0.1-2%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2016-4428, GHSA-grm6-x6mr-q3cv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t697-h44p-k3hq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:9.0.1-2%3Fdistro=trixie