Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-v1kq-tkfx-bycx

Summary The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current password, which allows attackers to modify user passwords by leveraging session hijacking, an unattended workstation, or other vectors.

Aliases

alias	CVE-2013-4962

Fixed_packages

url	pkg:deb/debian/puppet@0?distro=bullseye
purl	pkg:deb/debian/puppet@0?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@0%3Fdistro=bullseye

url	pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl	pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4962

reference_id

reference_type

scores

value	0.0035
scoring_system	epss
scoring_elements	0.57416
published_at	2026-04-01T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57499
published_at	2026-04-02T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.5752
published_at	2026-04-04T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57496
published_at	2026-04-07T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57548
published_at	2026-04-18T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57552
published_at	2026-04-16T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57568
published_at	2026-04-11T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57547
published_at	2026-04-12T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57525
published_at	2026-04-13T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57528
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4962

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1kq-tkfx-bycx

Vulnerability Instance