Information on source package horizon

Available versions

ReleaseVersion
jessie2014.1.3-7+deb8u2
stretch3:10.0.1-1
buster3:14.0.2-3+deb10u3
bullseye3:18.6.2-5+deb11u2
bookworm3:23.0.0-5+deb12u1
trixie3:25.1.0-5
sid3:25.1.0-5

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2022-45582vulnerablevulnerablefixedfixedfixedfixedfixedOpen Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1. ...
CVE-2022-4133vulnerablevulnerableunknownunknownunknownunknownunknown
CVE-2022-1655vulnerablefixedfixedfixedfixedfixedfixedAn Incorrect Permission Assignment for Critical Resource flaw was foun ...
CVE-2020-29565vulnerablevulnerable (no DSA)fixedfixedfixedfixedfixedAn issue was discovered in OpenStack Horizon before 15.3.2, 16.x befor ...

Resolved issues

BugDescription
CVE-2017-7400OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 a ...
CVE-2016-4428Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horiz ...
CVE-2015-3988Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashb ...
CVE-2015-3219Cross-site scripting (XSS) vulnerability in the Orchestration/Stack se ...
CVE-2015-0271The log-viewing function in the Red Hat redhat-access-plugin before 6. ...
CVE-2014-8578Cross-site scripting (XSS) vulnerability in the Groups panel in OpenSt ...
CVE-2014-8124OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014 ...
CVE-2014-3594Cross-site scripting (XSS) vulnerability in the Host Aggregates interf ...
CVE-2014-3475Cross-site scripting (XSS) vulnerability in the Users panel (admin/use ...
CVE-2014-3474Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/ ...
CVE-2014-3473Cross-site scripting (XSS) vulnerability in the Orchestration/Stack se ...
CVE-2014-0157Cross-site scripting (XSS) vulnerability in the Horizon Orchestration ...
CVE-2013-6858Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashb ...
CVE-2013-4471The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 doe ...
CVE-2012-5476Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard pack ...
CVE-2012-5474The file /etc/openstack-dashboard/local_settings within Red Hat OpenSt ...
CVE-2012-3540Open redirect vulnerability in views/auth_forms.py in OpenStack Dashbo ...
CVE-2012-2144Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom ...
CVE-2012-2094Cross-site scripting (XSS) vulnerability in the refresh mechanism in t ...

Security announcements

DSA / DLADescription
DLA-3678-1horizon - security update
DSA-4820-1horizon - security update
DSA-3617-1horizon - security update
DLA-520-1horizon - security update

Search for package or bug name: Reporting problems