Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
Typedeb
Namespacedebian
Namehorizon
Version3:25.7.1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1159-xhmc-5bc1
vulnerability_id VCID-1159-xhmc-5bc1
summary Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3540.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3540.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3540
reference_id
reference_type
scores
0
value 0.01906
scoring_system epss
scoring_elements 0.8327
published_at 2026-04-13T12:55:00Z
1
value 0.01906
scoring_system epss
scoring_elements 0.83202
published_at 2026-04-01T12:55:00Z
2
value 0.01906
scoring_system epss
scoring_elements 0.83218
published_at 2026-04-02T12:55:00Z
3
value 0.01906
scoring_system epss
scoring_elements 0.83232
published_at 2026-04-04T12:55:00Z
4
value 0.01906
scoring_system epss
scoring_elements 0.83231
published_at 2026-04-07T12:55:00Z
5
value 0.01906
scoring_system epss
scoring_elements 0.83256
published_at 2026-04-08T12:55:00Z
6
value 0.01906
scoring_system epss
scoring_elements 0.83265
published_at 2026-04-09T12:55:00Z
7
value 0.01906
scoring_system epss
scoring_elements 0.83281
published_at 2026-04-11T12:55:00Z
8
value 0.01906
scoring_system epss
scoring_elements 0.83275
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3540
2
reference_url https://bugs.launchpad.net/horizon/+bug/1039077
reference_id
reference_type
scores
url https://bugs.launchpad.net/horizon/+bug/1039077
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3540
4
reference_url http://secunia.com/advisories/50480
reference_id
reference_type
scores
url http://secunia.com/advisories/50480
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/78196
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/78196
6
reference_url https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b
reference_id
reference_type
scores
url https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b
7
reference_url https://lists.launchpad.net/openstack/msg16278.html
reference_id
reference_type
scores
url https://lists.launchpad.net/openstack/msg16278.html
8
reference_url https://lists.launchpad.net/openstack/msg16281.html
reference_id
reference_type
scores
url https://lists.launchpad.net/openstack/msg16281.html
9
reference_url http://www.openwall.com/lists/oss-security/2012/08/30/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/08/30/4
10
reference_url http://www.openwall.com/lists/oss-security/2012/08/30/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/08/30/5
11
reference_url http://www.securityfocus.com/bid/55329
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/55329
12
reference_url http://www.ubuntu.com/usn/USN-1565-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1565-1
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686050
reference_id 686050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686050
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=852246
reference_id 852246
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=852246
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:2012.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:2012.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:2012.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3540
reference_id CVE-2012-3540
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-3540
17
reference_url https://access.redhat.com/errata/RHSA-2012:1380
reference_id RHSA-2012:1380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1380
18
reference_url https://usn.ubuntu.com/1565-1/
reference_id USN-1565-1
reference_type
scores
url https://usn.ubuntu.com/1565-1/
fixed_packages
0
url pkg:deb/debian/horizon@2012.1.1-4?distro=trixie
purl pkg:deb/debian/horizon@2012.1.1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2012.1.1-4%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2012-3540, PYSEC-2012-18
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1159-xhmc-5bc1
1
url VCID-4kyr-d25r-eqeb
vulnerability_id VCID-4kyr-d25r-eqeb
summary Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079160.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079160.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2094
reference_id
reference_type
scores
0
value 0.01332
scoring_system epss
scoring_elements 0.79955
published_at 2026-04-13T12:55:00Z
1
value 0.01332
scoring_system epss
scoring_elements 0.79963
published_at 2026-04-12T12:55:00Z
2
value 0.01332
scoring_system epss
scoring_elements 0.7998
published_at 2026-04-11T12:55:00Z
3
value 0.01332
scoring_system epss
scoring_elements 0.7996
published_at 2026-04-09T12:55:00Z
4
value 0.01332
scoring_system epss
scoring_elements 0.79907
published_at 2026-04-01T12:55:00Z
5
value 0.01332
scoring_system epss
scoring_elements 0.79922
published_at 2026-04-07T12:55:00Z
6
value 0.01332
scoring_system epss
scoring_elements 0.79934
published_at 2026-04-04T12:55:00Z
7
value 0.01332
scoring_system epss
scoring_elements 0.79913
published_at 2026-04-02T12:55:00Z
8
value 0.01332
scoring_system epss
scoring_elements 0.79951
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2094
2
reference_url https://bugs.launchpad.net/horizon/+bug/977944
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/977944
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2094
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2094
4
reference_url http://secunia.com/advisories/49024
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/49024
5
reference_url http://secunia.com/advisories/49071
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/49071
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/76136
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/76136
7
reference_url https://github.com/openstack/horizon/commit/7f8c788aa70db98ac904f37fa4197fcabb802942
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/7f8c788aa70db98ac904f37fa4197fcabb802942
8
reference_url https://github.com/openstack/horizon/commit/ab2e27522aaeb0268fcc121bd3eff5a4485f313c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/ab2e27522aaeb0268fcc121bd3eff5a4485f313c
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2012-32.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2012-32.yaml
10
reference_url https://lists.launchpad.net/openstack/msg10211.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.launchpad.net/openstack/msg10211.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2094
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2094
12
reference_url http://ubuntu.com/usn/usn-1439-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1439-1
13
reference_url http://www.osvdb.org/81742
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.osvdb.org/81742
14
reference_url https://github.com/advisories/GHSA-j772-hpmw-32rm
reference_id GHSA-j772-hpmw-32rm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j772-hpmw-32rm
15
reference_url https://usn.ubuntu.com/1439-1/
reference_id USN-1439-1
reference_type
scores
url https://usn.ubuntu.com/1439-1/
fixed_packages
0
url pkg:deb/debian/horizon@2012.1-3?distro=trixie
purl pkg:deb/debian/horizon@2012.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2012.1-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2012-2094, GHSA-j772-hpmw-32rm, PYSEC-2012-32
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kyr-d25r-eqeb
2
url VCID-62pm-hxst-4ugn
vulnerability_id VCID-62pm-hxst-4ugn
summary Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081173.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081173.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2144
reference_id
reference_type
scores
0
value 0.02937
scoring_system epss
scoring_elements 0.86429
published_at 2026-04-13T12:55:00Z
1
value 0.02937
scoring_system epss
scoring_elements 0.86435
published_at 2026-04-12T12:55:00Z
2
value 0.02937
scoring_system epss
scoring_elements 0.86364
published_at 2026-04-01T12:55:00Z
3
value 0.02937
scoring_system epss
scoring_elements 0.86423
published_at 2026-04-09T12:55:00Z
4
value 0.02937
scoring_system epss
scoring_elements 0.86412
published_at 2026-04-08T12:55:00Z
5
value 0.02937
scoring_system epss
scoring_elements 0.86394
published_at 2026-04-07T12:55:00Z
6
value 0.02937
scoring_system epss
scoring_elements 0.86392
published_at 2026-04-04T12:55:00Z
7
value 0.02937
scoring_system epss
scoring_elements 0.86375
published_at 2026-04-02T12:55:00Z
8
value 0.02937
scoring_system epss
scoring_elements 0.86436
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2144
2
reference_url https://bugs.launchpad.net/horizon/+bug/978896
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/978896
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2144
4
reference_url http://secunia.com/advisories/49024
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/49024
5
reference_url http://secunia.com/advisories/49071
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/49071
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/75423
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/75423
7
reference_url https://github.com/openstack/horizon
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon
8
reference_url https://github.com/openstack/horizon/commit/041b1c44c7d6cf5429505067c32f8f35166a8bab
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/041b1c44c7d6cf5429505067c32f8f35166a8bab
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2012-33.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2012-33.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2144
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2144
11
reference_url https://web.archive.org/web/20200228173630/http://www.securityfocus.com/bid/53399
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228173630/http://www.securityfocus.com/bid/53399
12
reference_url http://ubuntu.com/usn/usn-1439-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1439-1
13
reference_url http://www.openwall.com/lists/oss-security/2012/05/05/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/05/1
14
reference_url http://www.osvdb.org/81741
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.osvdb.org/81741
15
reference_url http://www.securityfocus.com/bid/53399
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/53399
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=671604
reference_id 671604
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=671604
17
reference_url https://github.com/advisories/GHSA-w7h9-8wr4-hwqh
reference_id GHSA-w7h9-8wr4-hwqh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7h9-8wr4-hwqh
18
reference_url https://usn.ubuntu.com/1439-1/
reference_id USN-1439-1
reference_type
scores
url https://usn.ubuntu.com/1439-1/
fixed_packages
0
url pkg:deb/debian/horizon@2012.1-4?distro=trixie
purl pkg:deb/debian/horizon@2012.1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2012.1-4%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2012-2144, GHSA-w7h9-8wr4-hwqh, PYSEC-2012-33
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-62pm-hxst-4ugn
3
url VCID-7zwb-k8zj-r3az
vulnerability_id VCID-7zwb-k8zj-r3az
summary 
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:0581
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0581
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0157.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0157.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0157
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.49908
published_at 2026-04-08T12:55:00Z
1
value 0.00264
scoring_system epss
scoring_elements 0.49892
published_at 2026-04-13T12:55:00Z
2
value 0.00264
scoring_system epss
scoring_elements 0.49891
published_at 2026-04-12T12:55:00Z
3
value 0.00264
scoring_system epss
scoring_elements 0.49919
published_at 2026-04-11T12:55:00Z
4
value 0.00264
scoring_system epss
scoring_elements 0.49901
published_at 2026-04-09T12:55:00Z
5
value 0.00264
scoring_system epss
scoring_elements 0.49837
published_at 2026-04-01T12:55:00Z
6
value 0.00264
scoring_system epss
scoring_elements 0.49874
published_at 2026-04-02T12:55:00Z
7
value 0.00264
scoring_system epss
scoring_elements 0.49902
published_at 2026-04-04T12:55:00Z
8
value 0.00264
scoring_system epss
scoring_elements 0.49853
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0157
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1082858
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1082858
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0157
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0157
6
reference_url https://launchpad.net/bugs/1289033
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1289033
7
reference_url https://opendev.org/openstack/horizon
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon
8
reference_url https://web.archive.org/web/20200228185211/http://www.securityfocus.com/bid/66706
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228185211/http://www.securityfocus.com/bid/66706
9
reference_url http://www.openwall.com/lists/oss-security/2014/04/08/8
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/04/08/8
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744019
reference_id 744019
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744019
11
reference_url https://access.redhat.com/security/cve/CVE-2014-0157
reference_id CVE-2014-0157
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0157
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0157
reference_id CVE-2014-0157
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0157
13
reference_url https://github.com/advisories/GHSA-cmg8-5c63-pg95
reference_id GHSA-cmg8-5c63-pg95
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cmg8-5c63-pg95
14
reference_url https://usn.ubuntu.com/2206-1/
reference_id USN-2206-1
reference_type
scores
url https://usn.ubuntu.com/2206-1/
fixed_packages
0
url pkg:deb/debian/horizon@2013.2.3-1?distro=trixie
purl pkg:deb/debian/horizon@2013.2.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2013.2.3-1%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-0157, GHSA-cmg8-5c63-pg95
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zwb-k8zj-r3az
4
url VCID-9qpr-314b-xudu
vulnerability_id VCID-9qpr-314b-xudu
summary 
OpenStack Horizon Cross-site Scripting (XSS)
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:1598
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1598
1
reference_url https://access.redhat.com/errata/RHSA-2017:1739
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1739
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7400.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7400.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7400
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44959
published_at 2026-04-11T12:55:00Z
1
value 0.00223
scoring_system epss
scoring_elements 0.44929
published_at 2026-04-13T12:55:00Z
2
value 0.00223
scoring_system epss
scoring_elements 0.44936
published_at 2026-04-09T12:55:00Z
3
value 0.00223
scoring_system epss
scoring_elements 0.44935
published_at 2026-04-08T12:55:00Z
4
value 0.00223
scoring_system epss
scoring_elements 0.44883
published_at 2026-04-07T12:55:00Z
5
value 0.00223
scoring_system epss
scoring_elements 0.44941
published_at 2026-04-04T12:55:00Z
6
value 0.00223
scoring_system epss
scoring_elements 0.44921
published_at 2026-04-02T12:55:00Z
7
value 0.00223
scoring_system epss
scoring_elements 0.44927
published_at 2026-04-12T12:55:00Z
8
value 0.00223
scoring_system epss
scoring_elements 0.44838
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7400
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7400
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://launchpad.net/bugs/1667086
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1667086
7
reference_url https://opendev.org/openstack/horizon/commit/1407cfe53144146b29679de21f28c952282043ae
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon/commit/1407cfe53144146b29679de21f28c952282043ae
8
reference_url https://opendev.org/openstack/horizon/commit/511b325b45b6bd7a88bb6df1a4639b80d0121277
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon/commit/511b325b45b6bd7a88bb6df1a4639b80d0121277
9
reference_url https://opendev.org/openstack/horizon/commit/a835dbfbaa2c70329c08d4b8429d49315dc6d651
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon/commit/a835dbfbaa2c70329c08d4b8429d49315dc6d651
10
reference_url https://opendev.org/openstack/horizon/commit/ce80bb6fec3cb0262728e7ae8b9d695cf832e5bf
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon/commit/ce80bb6fec3cb0262728e7ae8b9d695cf832e5bf
11
reference_url http://www.securityfocus.com/bid/97324
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97324
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1439626
reference_id 1439626
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1439626
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859559
reference_id 859559
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859559
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b1:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:b1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b2:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:b2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b3:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:b3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:b3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc1:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc2:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.0:rc3:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:10.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:10.0.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:11.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:11.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:11.0.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b1:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:b1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b1:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b2:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:b2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b2:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b3:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:b3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:b3:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:rc1:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:rc2:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.1.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.1.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7400
reference_id CVE-2017-7400
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7400
34
reference_url https://github.com/advisories/GHSA-47vp-44v9-rhgq
reference_id GHSA-47vp-44v9-rhgq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47vp-44v9-rhgq
fixed_packages
0
url pkg:deb/debian/horizon@3:10.0.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:10.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:10.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2017-7400, GHSA-47vp-44v9-rhgq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qpr-314b-xudu
5
url VCID-bd6x-wp7d-8fdj
vulnerability_id VCID-bd6x-wp7d-8fdj
summary python-django-horizon: persistent XSS in Horizon metadata dashboard
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3988.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3988
reference_id
reference_type
scores
0
value 0.00353
scoring_system epss
scoring_elements 0.57588
published_at 2026-04-01T12:55:00Z
1
value 0.00353
scoring_system epss
scoring_elements 0.57672
published_at 2026-04-02T12:55:00Z
2
value 0.00353
scoring_system epss
scoring_elements 0.57694
published_at 2026-04-04T12:55:00Z
3
value 0.00353
scoring_system epss
scoring_elements 0.57669
published_at 2026-04-07T12:55:00Z
4
value 0.00353
scoring_system epss
scoring_elements 0.57723
published_at 2026-04-08T12:55:00Z
5
value 0.00353
scoring_system epss
scoring_elements 0.57726
published_at 2026-04-09T12:55:00Z
6
value 0.00353
scoring_system epss
scoring_elements 0.57742
published_at 2026-04-11T12:55:00Z
7
value 0.00353
scoring_system epss
scoring_elements 0.5772
published_at 2026-04-12T12:55:00Z
8
value 0.00353
scoring_system epss
scoring_elements 0.57701
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3988
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3988
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1222871
reference_id 1222871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1222871
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786741
reference_id 786741
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786741
5
reference_url https://access.redhat.com/errata/RHSA-2015:1679
reference_id RHSA-2015:1679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1679
fixed_packages
0
url pkg:deb/debian/horizon@2015.1.0-2?distro=trixie
purl pkg:deb/debian/horizon@2015.1.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2015.1.0-2%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2015-3988
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bd6x-wp7d-8fdj
6
url VCID-bz2p-kcg8-nuc6
vulnerability_id VCID-bz2p-kcg8-nuc6
summary An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29565.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29565.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-29565
reference_id
reference_type
scores
0
value 0.0071
scoring_system epss
scoring_elements 0.72167
published_at 2026-04-01T12:55:00Z
1
value 0.0071
scoring_system epss
scoring_elements 0.72212
published_at 2026-04-13T12:55:00Z
2
value 0.0071
scoring_system epss
scoring_elements 0.72226
published_at 2026-04-12T12:55:00Z
3
value 0.0071
scoring_system epss
scoring_elements 0.72243
published_at 2026-04-11T12:55:00Z
4
value 0.0071
scoring_system epss
scoring_elements 0.72172
published_at 2026-04-02T12:55:00Z
5
value 0.0071
scoring_system epss
scoring_elements 0.72219
published_at 2026-04-09T12:55:00Z
6
value 0.0071
scoring_system epss
scoring_elements 0.72207
published_at 2026-04-08T12:55:00Z
7
value 0.0071
scoring_system epss
scoring_elements 0.72193
published_at 2026-04-04T12:55:00Z
8
value 0.0071
scoring_system epss
scoring_elements 0.7217
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-29565
2
reference_url https://bugs.launchpad.net/horizon/+bug/1865026
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1865026
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29565
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/openstack/horizon
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon
6
reference_url https://github.com/openstack/horizon/commit/252467100f75587e18df9c43ed5802ee8f0017fa
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/252467100f75587e18df9c43ed5802ee8f0017fa
7
reference_url https://github.com/openstack/horizon/commit/6c208edf323ced07b15ec4bc3879bddb91d398bc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/6c208edf323ced07b15ec4bc3879bddb91d398bc
8
reference_url https://github.com/openstack/horizon/commit/9e0e333ab5277b6c396f602862ff90398cb0242b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/9e0e333ab5277b6c396f602862ff90398cb0242b
9
reference_url https://github.com/openstack/horizon/commit/baa370f84332ad41502daea29a551705696f4421
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/baa370f84332ad41502daea29a551705696f4421
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2020-45.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2020-45.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-29565
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-29565
12
reference_url https://review.opendev.org/c/openstack/horizon/+/758841
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/horizon/+/758841
13
reference_url https://review.opendev.org/c/openstack/horizon/+/758841/
reference_id
reference_type
scores
url https://review.opendev.org/c/openstack/horizon/+/758841/
14
reference_url https://review.opendev.org/c/openstack/horizon/+/758843
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/horizon/+/758843
15
reference_url https://review.opendev.org/c/openstack/horizon/+/758843/
reference_id
reference_type
scores
url https://review.opendev.org/c/openstack/horizon/+/758843/
16
reference_url https://security.openstack.org/ossa/OSSA-2020-008.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2020-008.html
17
reference_url https://www.debian.org/security/2020/dsa-4820
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4820
18
reference_url http://www.openwall.com/lists/oss-security/2020/12/08/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/12/08/2
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1811510
reference_id 1811510
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1811510
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976872
reference_id 976872
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976872
21
reference_url https://github.com/advisories/GHSA-f8fh-xp28-q59m
reference_id GHSA-f8fh-xp28-q59m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f8fh-xp28-q59m
22
reference_url https://access.redhat.com/errata/RHSA-2020:5411
reference_id RHSA-2020:5411
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5411
23
reference_url https://access.redhat.com/errata/RHSA-2020:5572
reference_id RHSA-2020:5572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5572
24
reference_url https://usn.ubuntu.com/4675-1/
reference_id USN-4675-1
reference_type
scores
url https://usn.ubuntu.com/4675-1/
fixed_packages
0
url pkg:deb/debian/horizon@3:18.6.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.1-1%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2020-29565, GHSA-f8fh-xp28-q59m, PYSEC-2020-45
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bz2p-kcg8-nuc6
7
url VCID-dsg5-s5y9-nbe3
vulnerability_id VCID-dsg5-s5y9-nbe3
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject arbitrary web script or HTML via a crafted template.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:0939
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0939
2
reference_url https://access.redhat.com/errata/RHSA-2014:1188
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1188
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3473.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3473.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3473
reference_id
reference_type
scores
0
value 0.004
scoring_system epss
scoring_elements 0.60698
published_at 2026-04-08T12:55:00Z
1
value 0.004
scoring_system epss
scoring_elements 0.60738
published_at 2026-04-11T12:55:00Z
2
value 0.004
scoring_system epss
scoring_elements 0.60577
published_at 2026-04-01T12:55:00Z
3
value 0.004
scoring_system epss
scoring_elements 0.60652
published_at 2026-04-02T12:55:00Z
4
value 0.004
scoring_system epss
scoring_elements 0.6068
published_at 2026-04-04T12:55:00Z
5
value 0.004
scoring_system epss
scoring_elements 0.60649
published_at 2026-04-07T12:55:00Z
6
value 0.004
scoring_system epss
scoring_elements 0.60713
published_at 2026-04-09T12:55:00Z
7
value 0.004
scoring_system epss
scoring_elements 0.60705
published_at 2026-04-13T12:55:00Z
8
value 0.004
scoring_system epss
scoring_elements 0.60725
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3473
5
reference_url https://bugs.launchpad.net/horizon/+bug/1308727
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1308727
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1116090
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1116090
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3473
8
reference_url https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f
9
reference_url https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985
10
reference_url https://opendev.org/openstack/horizon
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon
11
reference_url http://www.openwall.com/lists/oss-security/2014/07/08/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/07/08/6
12
reference_url http://www.securityfocus.com/bid/68459
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/68459
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
reference_id 754255
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
17
reference_url https://access.redhat.com/security/cve/CVE-2014-3473
reference_id CVE-2014-3473
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3473
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3473
reference_id CVE-2014-3473
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3473
19
reference_url https://github.com/advisories/GHSA-8vwv-2v7v-jmgr
reference_id GHSA-8vwv-2v7v-jmgr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8vwv-2v7v-jmgr
20
reference_url https://usn.ubuntu.com/2323-1/
reference_id USN-2323-1
reference_type
scores
url https://usn.ubuntu.com/2323-1/
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
purl pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-3473, GHSA-8vwv-2v7v-jmgr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsg5-s5y9-nbe3
8
url VCID-e8ck-eteq-7kb3
vulnerability_id VCID-e8ck-eteq-7kb3
summary openstack: horizon multiple XSS vulnerabilities.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6858.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6858.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6858
reference_id
reference_type
scores
0
value 0.00478
scoring_system epss
scoring_elements 0.64899
published_at 2026-04-01T12:55:00Z
1
value 0.00478
scoring_system epss
scoring_elements 0.64949
published_at 2026-04-02T12:55:00Z
2
value 0.00478
scoring_system epss
scoring_elements 0.64976
published_at 2026-04-04T12:55:00Z
3
value 0.00478
scoring_system epss
scoring_elements 0.64939
published_at 2026-04-07T12:55:00Z
4
value 0.00478
scoring_system epss
scoring_elements 0.64989
published_at 2026-04-08T12:55:00Z
5
value 0.00478
scoring_system epss
scoring_elements 0.65003
published_at 2026-04-09T12:55:00Z
6
value 0.00478
scoring_system epss
scoring_elements 0.65021
published_at 2026-04-11T12:55:00Z
7
value 0.00478
scoring_system epss
scoring_elements 0.6501
published_at 2026-04-12T12:55:00Z
8
value 0.00478
scoring_system epss
scoring_elements 0.64983
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6858
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6858
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1034153
reference_id 1034153
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1034153
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730752
reference_id 730752
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730752
5
reference_url https://access.redhat.com/errata/RHSA-2014:0365
reference_id RHSA-2014:0365
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0365
6
reference_url https://usn.ubuntu.com/2062-1/
reference_id USN-2062-1
reference_type
scores
url https://usn.ubuntu.com/2062-1/
fixed_packages
0
url pkg:deb/debian/horizon@2013.2-2?distro=trixie
purl pkg:deb/debian/horizon@2013.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2013.2-2%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2013-6858
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ck-eteq-7kb3
9
url VCID-g2c2-v9pm-wyc3
vulnerability_id VCID-g2c2-v9pm-wyc3
summary dashboard: log file arbitrary file retrieval
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0271.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0271.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0271
reference_id
reference_type
scores
0
value 0.00199
scoring_system epss
scoring_elements 0.41933
published_at 2026-04-01T12:55:00Z
1
value 0.00199
scoring_system epss
scoring_elements 0.41995
published_at 2026-04-02T12:55:00Z
2
value 0.00199
scoring_system epss
scoring_elements 0.42022
published_at 2026-04-04T12:55:00Z
3
value 0.00199
scoring_system epss
scoring_elements 0.41948
published_at 2026-04-07T12:55:00Z
4
value 0.00199
scoring_system epss
scoring_elements 0.41998
published_at 2026-04-08T12:55:00Z
5
value 0.00199
scoring_system epss
scoring_elements 0.42009
published_at 2026-04-09T12:55:00Z
6
value 0.00199
scoring_system epss
scoring_elements 0.42032
published_at 2026-04-11T12:55:00Z
7
value 0.00199
scoring_system epss
scoring_elements 0.41994
published_at 2026-04-12T12:55:00Z
8
value 0.00199
scoring_system epss
scoring_elements 0.4198
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0271
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1193638
reference_id 1193638
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1193638
3
reference_url https://access.redhat.com/errata/RHSA-2015:0645
reference_id RHSA-2015:0645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0645
4
reference_url https://access.redhat.com/errata/RHSA-2015:0840
reference_id RHSA-2015:0840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0840
5
reference_url https://access.redhat.com/errata/RHSA-2015:0841
reference_id RHSA-2015:0841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0841
fixed_packages
0
url pkg:deb/debian/horizon@0?distro=trixie
purl pkg:deb/debian/horizon@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@0%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2015-0271
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2c2-v9pm-wyc3
10
url VCID-jg5v-wx6x-g3ah
vulnerability_id VCID-jg5v-wx6x-g3ah
summary Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45582
reference_id
reference_type
scores
0
value 0.00286
scoring_system epss
scoring_elements 0.52029
published_at 2026-04-02T12:55:00Z
1
value 0.00286
scoring_system epss
scoring_elements 0.52092
published_at 2026-04-13T12:55:00Z
2
value 0.00286
scoring_system epss
scoring_elements 0.52107
published_at 2026-04-12T12:55:00Z
3
value 0.00286
scoring_system epss
scoring_elements 0.52124
published_at 2026-04-11T12:55:00Z
4
value 0.00286
scoring_system epss
scoring_elements 0.52072
published_at 2026-04-09T12:55:00Z
5
value 0.00286
scoring_system epss
scoring_elements 0.52075
published_at 2026-04-08T12:55:00Z
6
value 0.00286
scoring_system epss
scoring_elements 0.52021
published_at 2026-04-07T12:55:00Z
7
value 0.00286
scoring_system epss
scoring_elements 0.52055
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45582
1
reference_url https://bugs.launchpad.net/horizon/+bug/1982676
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1982676
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45582
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45582
3
reference_url https://github.com/openstack/horizon
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon
4
reference_url https://github.com/openstack/horizon/blob/master/horizon/workflows/views.py#L96-L102
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/blob/master/horizon/workflows/views.py#L96-L102
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2023-153.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2023-153.yaml
6
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00033.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/11/msg00033.html
7
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00000.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00000.html
8
reference_url https://opendev.org/openstack/horizon/commit/79d139594290779b2f74ca894332aa7f2f7e4735
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon/commit/79d139594290779b2f74ca894332aa7f2f7e4735
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45582
reference_id CVE-2022-45582
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45582
10
reference_url https://github.com/advisories/GHSA-5pv6-rprw-82wv
reference_id GHSA-5pv6-rprw-82wv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5pv6-rprw-82wv
fixed_packages
0
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.1.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:23.1.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.1.0-3%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2022-45582, GHSA-5pv6-rprw-82wv, PYSEC-2023-153
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg5v-wx6x-g3ah
11
url VCID-kvy8-9dgv-nuc1
vulnerability_id VCID-kvy8-9dgv-nuc1
summary python-django-horizon: denial of service via login page requests
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147520.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147520.html
1
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-December/000308.html
reference_id
reference_type
scores
url http://lists.openstack.org/pipermail/openstack-announce/2014-December/000308.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0839.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0839.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0845.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0845.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8124.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8124.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8124
reference_id
reference_type
scores
0
value 0.0083
scoring_system epss
scoring_elements 0.74531
published_at 2026-04-13T12:55:00Z
1
value 0.0083
scoring_system epss
scoring_elements 0.74484
published_at 2026-04-01T12:55:00Z
2
value 0.0083
scoring_system epss
scoring_elements 0.74488
published_at 2026-04-02T12:55:00Z
3
value 0.0083
scoring_system epss
scoring_elements 0.74514
published_at 2026-04-04T12:55:00Z
4
value 0.0083
scoring_system epss
scoring_elements 0.74489
published_at 2026-04-07T12:55:00Z
5
value 0.0083
scoring_system epss
scoring_elements 0.74521
published_at 2026-04-08T12:55:00Z
6
value 0.0083
scoring_system epss
scoring_elements 0.74536
published_at 2026-04-09T12:55:00Z
7
value 0.0083
scoring_system epss
scoring_elements 0.74558
published_at 2026-04-11T12:55:00Z
8
value 0.0083
scoring_system epss
scoring_elements 0.74538
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8124
7
reference_url https://bugs.launchpad.net/horizon/+bug/1394370
reference_id
reference_type
scores
url https://bugs.launchpad.net/horizon/+bug/1394370
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8124
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8124
9
reference_url http://secunia.com/advisories/61186
reference_id
reference_type
scores
url http://secunia.com/advisories/61186
10
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1169637
reference_id 1169637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1169637
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772710
reference_id 772710
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772710
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8124
reference_id CVE-2014-8124
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-8124
18
reference_url https://access.redhat.com/errata/RHSA-2015:0839
reference_id RHSA-2015:0839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0839
19
reference_url https://access.redhat.com/errata/RHSA-2015:0845
reference_id RHSA-2015:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0845
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.3-6?distro=trixie
purl pkg:deb/debian/horizon@2014.1.3-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.3-6%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-8124
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvy8-9dgv-nuc1
12
url VCID-n2fx-xctw-r7fr
vulnerability_id VCID-n2fx-xctw-r7fr
summary openstack-horizon: multiple XSS flaws
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8578.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8578.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8578
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.5479
published_at 2026-04-13T12:55:00Z
1
value 0.00317
scoring_system epss
scoring_elements 0.5471
published_at 2026-04-01T12:55:00Z
2
value 0.00317
scoring_system epss
scoring_elements 0.54779
published_at 2026-04-02T12:55:00Z
3
value 0.00317
scoring_system epss
scoring_elements 0.54801
published_at 2026-04-04T12:55:00Z
4
value 0.00317
scoring_system epss
scoring_elements 0.54771
published_at 2026-04-07T12:55:00Z
5
value 0.00317
scoring_system epss
scoring_elements 0.54821
published_at 2026-04-08T12:55:00Z
6
value 0.00317
scoring_system epss
scoring_elements 0.54818
published_at 2026-04-09T12:55:00Z
7
value 0.00317
scoring_system epss
scoring_elements 0.54829
published_at 2026-04-11T12:55:00Z
8
value 0.00317
scoring_system epss
scoring_elements 0.54812
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8578
2
reference_url https://bugs.launchpad.net/horizon/+bug/1320235
reference_id
reference_type
scores
url https://bugs.launchpad.net/horizon/+bug/1320235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8578
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8578
4
reference_url http://www.openwall.com/lists/oss-security/2014/07/08/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/07/08/6
5
reference_url http://www.securityfocus.com/bid/68456
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68456
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8578
reference_id CVE-2014-8578
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-8578
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
purl pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-8578
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2fx-xctw-r7fr
13
url VCID-prw2-h932-67d3
vulnerability_id VCID-prw2-h932-67d3
summary The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5474
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20762
published_at 2026-04-01T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20909
published_at 2026-04-02T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20969
published_at 2026-04-04T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.20683
published_at 2026-04-07T12:55:00Z
4
value 0.00067
scoring_system epss
scoring_elements 0.2076
published_at 2026-04-08T12:55:00Z
5
value 0.00067
scoring_system epss
scoring_elements 0.20821
published_at 2026-04-09T12:55:00Z
6
value 0.00067
scoring_system epss
scoring_elements 0.20839
published_at 2026-04-11T12:55:00Z
7
value 0.00067
scoring_system epss
scoring_elements 0.20795
published_at 2026-04-12T12:55:00Z
8
value 0.00067
scoring_system epss
scoring_elements 0.20743
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5474
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5474
fixed_packages
0
url pkg:deb/debian/horizon@2012.1.1-7?distro=trixie
purl pkg:deb/debian/horizon@2012.1.1-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2012.1.1-7%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2012-5474
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prw2-h932-67d3
14
url VCID-rc85-fmv7-6fh8
vulnerability_id VCID-rc85-fmv7-6fh8
summary 
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1335.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1335.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1336.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1336.html
3
reference_url https://access.redhat.com/errata/RHSA-2014:1188
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1188
4
reference_url https://access.redhat.com/errata/RHSA-2014:1335
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1335
5
reference_url https://access.redhat.com/errata/RHSA-2014:1336
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1336
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3594.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3594.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3594
reference_id
reference_type
scores
0
value 0.00605
scoring_system epss
scoring_elements 0.69602
published_at 2026-04-13T12:55:00Z
1
value 0.00605
scoring_system epss
scoring_elements 0.69535
published_at 2026-04-01T12:55:00Z
2
value 0.00605
scoring_system epss
scoring_elements 0.69547
published_at 2026-04-02T12:55:00Z
3
value 0.00605
scoring_system epss
scoring_elements 0.69563
published_at 2026-04-04T12:55:00Z
4
value 0.00605
scoring_system epss
scoring_elements 0.69541
published_at 2026-04-07T12:55:00Z
5
value 0.00605
scoring_system epss
scoring_elements 0.69592
published_at 2026-04-08T12:55:00Z
6
value 0.00605
scoring_system epss
scoring_elements 0.69608
published_at 2026-04-09T12:55:00Z
7
value 0.00605
scoring_system epss
scoring_elements 0.69631
published_at 2026-04-11T12:55:00Z
8
value 0.00605
scoring_system epss
scoring_elements 0.69615
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3594
8
reference_url https://bugs.launchpad.net/horizon/+bug/1349491
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1349491
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1129774
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1129774
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3594
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3594
11
reference_url http://seclists.org/oss-sec/2014/q3/413
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q3/413
12
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/95378
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/95378
13
reference_url https://github.com/openstack/horizon/commit/ba2c98aea0db0d03200c811b86b3efe8367f3905
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/ba2c98aea0db0d03200c811b86b3efe8367f3905
14
reference_url https://github.com/openstack/horizon/commit/ba908ae88d5925f4f6783eb234cc4ea95017472b
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/ba908ae88d5925f4f6783eb234cc4ea95017472b
15
reference_url https://review.openstack.org/#/c/115310
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/115310
16
reference_url https://review.openstack.org/#/c/115311
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/115311
17
reference_url https://review.openstack.org/#/c/115313
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/115313
18
reference_url https://review.openstack.org/#/c/115313/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/115313/
19
reference_url http://www.securityfocus.com/bid/69291
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/69291
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758930
reference_id 758930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758930
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
25
reference_url https://access.redhat.com/security/cve/CVE-2014-3594
reference_id CVE-2014-3594
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3594
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3594
reference_id CVE-2014-3594
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3594
27
reference_url https://github.com/advisories/GHSA-8g68-2hcj-h8vg
reference_id GHSA-8g68-2hcj-h8vg
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8g68-2hcj-h8vg
28
reference_url https://usn.ubuntu.com/2323-1/
reference_id USN-2323-1
reference_type
scores
url https://usn.ubuntu.com/2323-1/
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.2-3?distro=trixie
purl pkg:deb/debian/horizon@2014.1.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.2-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-3594, GHSA-8g68-2hcj-h8vg
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rc85-fmv7-6fh8
15
url VCID-ryy7-2bu5-gbaf
vulnerability_id VCID-ryy7-2bu5-gbaf
summary 
Credentials Management
The Identity v3 API in OpenStack Dashboard (Horizon) does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4471.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4471
reference_id
reference_type
scores
0
value 0.00181
scoring_system epss
scoring_elements 0.39665
published_at 2026-04-01T12:55:00Z
1
value 0.00181
scoring_system epss
scoring_elements 0.39813
published_at 2026-04-02T12:55:00Z
2
value 0.00181
scoring_system epss
scoring_elements 0.39836
published_at 2026-04-04T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.39757
published_at 2026-04-07T12:55:00Z
4
value 0.00181
scoring_system epss
scoring_elements 0.39812
published_at 2026-04-08T12:55:00Z
5
value 0.00181
scoring_system epss
scoring_elements 0.39826
published_at 2026-04-09T12:55:00Z
6
value 0.00181
scoring_system epss
scoring_elements 0.39835
published_at 2026-04-11T12:55:00Z
7
value 0.00181
scoring_system epss
scoring_elements 0.39799
published_at 2026-04-12T12:55:00Z
8
value 0.00181
scoring_system epss
scoring_elements 0.39783
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4471
2
reference_url https://bugs.launchpad.net/horizon/+bug/1237989
reference_id
reference_type
scores
url https://bugs.launchpad.net/horizon/+bug/1237989
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4471
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4471
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4471
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1023586
reference_id 1023586
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1023586
fixed_packages
0
url pkg:deb/debian/horizon@2013.2-1?distro=trixie
purl pkg:deb/debian/horizon@2013.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2013.2-1%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2013-4471
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ryy7-2bu5-gbaf
16
url VCID-t697-h44p-k3hq
vulnerability_id VCID-t697-h44p-k3hq
summary 
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1268
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1268
1
reference_url https://access.redhat.com/errata/RHSA-2016:1269
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1269
2
reference_url https://access.redhat.com/errata/RHSA-2016:1270
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1270
3
reference_url https://access.redhat.com/errata/RHSA-2016:1271
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1271
4
reference_url https://access.redhat.com/errata/RHSA-2016:1272
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1272
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4428.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4428.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4428
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68525
published_at 2026-04-01T12:55:00Z
1
value 0.0057
scoring_system epss
scoring_elements 0.68592
published_at 2026-04-13T12:55:00Z
2
value 0.0057
scoring_system epss
scoring_elements 0.68622
published_at 2026-04-12T12:55:00Z
3
value 0.0057
scoring_system epss
scoring_elements 0.68634
published_at 2026-04-11T12:55:00Z
4
value 0.0057
scoring_system epss
scoring_elements 0.68609
published_at 2026-04-09T12:55:00Z
5
value 0.0057
scoring_system epss
scoring_elements 0.68591
published_at 2026-04-08T12:55:00Z
6
value 0.0057
scoring_system epss
scoring_elements 0.6854
published_at 2026-04-07T12:55:00Z
7
value 0.0057
scoring_system epss
scoring_elements 0.68562
published_at 2026-04-04T12:55:00Z
8
value 0.0057
scoring_system epss
scoring_elements 0.68544
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4428
7
reference_url https://bugs.launchpad.net/horizon/+bug/1567673
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1567673
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1343982
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1343982
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a
13
reference_url https://github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb
14
reference_url https://github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4
15
reference_url https://review.openstack.org/329996
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329996
16
reference_url https://review.openstack.org/329997
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329997
17
reference_url https://review.openstack.org/329998
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/329998
18
reference_url https://security.openstack.org/ossa/OSSA-2016-010.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-010.html
19
reference_url http://www.debian.org/security/2016/dsa-3617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3617
20
reference_url http://www.openwall.com/lists/oss-security/2016/06/17/4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/17/4
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828967
reference_id 828967
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828967
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:9.0.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
33
reference_url https://access.redhat.com/security/cve/CVE-2016-4428
reference_id CVE-2016-4428
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2016-4428
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4428
reference_id CVE-2016-4428
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4428
35
reference_url https://github.com/advisories/GHSA-grm6-x6mr-q3cv
reference_id GHSA-grm6-x6mr-q3cv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-grm6-x6mr-q3cv
36
reference_url https://usn.ubuntu.com/3447-1/
reference_id USN-3447-1
reference_type
scores
url https://usn.ubuntu.com/3447-1/
fixed_packages
0
url pkg:deb/debian/horizon@3:9.0.1-2?distro=trixie
purl pkg:deb/debian/horizon@3:9.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:9.0.1-2%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2016-4428, GHSA-grm6-x6mr-q3cv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t697-h44p-k3hq
17
url VCID-tngh-mgyc-xka4
vulnerability_id VCID-tngh-mgyc-xka4
summary openstack-horizon: multiple XSS flaws
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3475.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3475.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3475
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58132
published_at 2026-04-13T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58021
published_at 2026-04-01T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.58106
published_at 2026-04-02T12:55:00Z
3
value 0.00359
scoring_system epss
scoring_elements 0.58127
published_at 2026-04-04T12:55:00Z
4
value 0.00359
scoring_system epss
scoring_elements 0.58101
published_at 2026-04-07T12:55:00Z
5
value 0.00359
scoring_system epss
scoring_elements 0.58156
published_at 2026-04-08T12:55:00Z
6
value 0.00359
scoring_system epss
scoring_elements 0.5816
published_at 2026-04-09T12:55:00Z
7
value 0.00359
scoring_system epss
scoring_elements 0.58175
published_at 2026-04-11T12:55:00Z
8
value 0.00359
scoring_system epss
scoring_elements 0.58152
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3475
3
reference_url https://bugs.launchpad.net/horizon/+bug/1320235
reference_id
reference_type
scores
url https://bugs.launchpad.net/horizon/+bug/1320235
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3475
5
reference_url http://www.openwall.com/lists/oss-security/2014/07/08/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/07/08/6
6
reference_url http://www.securityfocus.com/bid/68456
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68456
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
reference_id 754255
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3475
reference_id CVE-2014-3475
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-3475
12
reference_url https://usn.ubuntu.com/2323-1/
reference_id USN-2323-1
reference_type
scores
url https://usn.ubuntu.com/2323-1/
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
purl pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-3475
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tngh-mgyc-xka4
18
url VCID-uam9-tmby-wye7
vulnerability_id VCID-uam9-tmby-wye7
summary Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5476
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.34885
published_at 2026-04-01T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.35083
published_at 2026-04-02T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.3511
published_at 2026-04-04T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.3499
published_at 2026-04-07T12:55:00Z
4
value 0.00146
scoring_system epss
scoring_elements 0.35034
published_at 2026-04-08T12:55:00Z
5
value 0.00146
scoring_system epss
scoring_elements 0.35062
published_at 2026-04-09T12:55:00Z
6
value 0.00146
scoring_system epss
scoring_elements 0.35066
published_at 2026-04-11T12:55:00Z
7
value 0.00146
scoring_system epss
scoring_elements 0.3503
published_at 2026-04-12T12:55:00Z
8
value 0.00146
scoring_system epss
scoring_elements 0.35007
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5476
fixed_packages
0
url pkg:deb/debian/horizon@0?distro=trixie
purl pkg:deb/debian/horizon@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@0%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2012-5476
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uam9-tmby-wye7
19
url VCID-xpdp-h35e-m3cz
vulnerability_id VCID-xpdp-h35e-m3cz
summary Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000361.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000361.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1679.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1679.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3219.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3219.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3219
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61196
published_at 2026-04-13T12:55:00Z
1
value 0.00408
scoring_system epss
scoring_elements 0.61074
published_at 2026-04-01T12:55:00Z
2
value 0.00408
scoring_system epss
scoring_elements 0.61152
published_at 2026-04-02T12:55:00Z
3
value 0.00408
scoring_system epss
scoring_elements 0.6118
published_at 2026-04-04T12:55:00Z
4
value 0.00408
scoring_system epss
scoring_elements 0.61145
published_at 2026-04-07T12:55:00Z
5
value 0.00408
scoring_system epss
scoring_elements 0.61194
published_at 2026-04-08T12:55:00Z
6
value 0.00408
scoring_system epss
scoring_elements 0.61209
published_at 2026-04-09T12:55:00Z
7
value 0.00408
scoring_system epss
scoring_elements 0.61229
published_at 2026-04-11T12:55:00Z
8
value 0.00408
scoring_system epss
scoring_elements 0.61215
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3219
4
reference_url https://bugs.launchpad.net/horizon/+bug/1453074
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1453074
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3219
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428
7
reference_url https://github.com/openstack/horizon
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon
8
reference_url https://github.com/openstack/horizon/commit/28d8f49786d6df297b2574514916fa782e941e09
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/28d8f49786d6df297b2574514916fa782e941e09
9
reference_url https://github.com/openstack/horizon/commit/84da479739fbfff75d9492d00fd0ed1a31ea52b3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/84da479739fbfff75d9492d00fd0ed1a31ea52b3
10
reference_url https://github.com/openstack/horizon/commit/dab92e7d2f576caea8f81c8e22a516fb45633794
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/dab92e7d2f576caea8f81c8e22a516fb45633794
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2015-40.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2015-40.yaml
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3219
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3219
13
reference_url http://www.debian.org/security/2016/dsa-3617
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3617
14
reference_url http://www.openwall.com/lists/oss-security/2015/06/09/7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/06/09/7
15
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
16
reference_url http://www.securityfocus.com/bid/75109
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/75109
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1228534
reference_id 1228534
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1228534
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788306
reference_id 788306
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788306
19
reference_url https://github.com/advisories/GHSA-rhjj-f6gq-6gx2
reference_id GHSA-rhjj-f6gq-6gx2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rhjj-f6gq-6gx2
20
reference_url https://access.redhat.com/errata/RHSA-2015:1679
reference_id RHSA-2015:1679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1679
fixed_packages
0
url pkg:deb/debian/horizon@2015.1.0%2B2015.06.09.git15.e63af6c598-1?distro=trixie
purl pkg:deb/debian/horizon@2015.1.0%2B2015.06.09.git15.e63af6c598-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2015.1.0%252B2015.06.09.git15.e63af6c598-1%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2015-3219, GHSA-rhjj-f6gq-6gx2, PYSEC-2015-40
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpdp-h35e-m3cz
20
url VCID-y6r1-kubt-pudv
vulnerability_id VCID-y6r1-kubt-pudv
summary OpenStack: Horizon session cookies are not flagged HttpOnly
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1655.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1655.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1655
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.41055
published_at 2026-04-01T12:55:00Z
1
value 0.00192
scoring_system epss
scoring_elements 0.41137
published_at 2026-04-12T12:55:00Z
2
value 0.00192
scoring_system epss
scoring_elements 0.41167
published_at 2026-04-04T12:55:00Z
3
value 0.00192
scoring_system epss
scoring_elements 0.41094
published_at 2026-04-07T12:55:00Z
4
value 0.00192
scoring_system epss
scoring_elements 0.41142
published_at 2026-04-08T12:55:00Z
5
value 0.00192
scoring_system epss
scoring_elements 0.4115
published_at 2026-04-09T12:55:00Z
6
value 0.00192
scoring_system epss
scoring_elements 0.4117
published_at 2026-04-11T12:55:00Z
7
value 0.00192
scoring_system epss
scoring_elements 0.4112
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1655
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2075681
reference_id 2075681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2075681
4
reference_url https://access.redhat.com/errata/RHSA-2022:8856
reference_id RHSA-2022:8856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8856
fixed_packages
0
url pkg:deb/debian/horizon@0?distro=trixie
purl pkg:deb/debian/horizon@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@0%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2022-1655
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6r1-kubt-pudv
21
url VCID-zxjy-82n2-mkdb
vulnerability_id VCID-zxjy-82n2-mkdb
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:0939
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0939
2
reference_url https://access.redhat.com/errata/RHSA-2014:1188
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1188
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3474.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3474.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3474
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53617
published_at 2026-04-13T12:55:00Z
1
value 0.00303
scoring_system epss
scoring_elements 0.53539
published_at 2026-04-01T12:55:00Z
2
value 0.00303
scoring_system epss
scoring_elements 0.53561
published_at 2026-04-02T12:55:00Z
3
value 0.00303
scoring_system epss
scoring_elements 0.53588
published_at 2026-04-04T12:55:00Z
4
value 0.00303
scoring_system epss
scoring_elements 0.53556
published_at 2026-04-07T12:55:00Z
5
value 0.00303
scoring_system epss
scoring_elements 0.53606
published_at 2026-04-08T12:55:00Z
6
value 0.00303
scoring_system epss
scoring_elements 0.53602
published_at 2026-04-09T12:55:00Z
7
value 0.00303
scoring_system epss
scoring_elements 0.53651
published_at 2026-04-11T12:55:00Z
8
value 0.00303
scoring_system epss
scoring_elements 0.53634
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3474
5
reference_url https://bugs.launchpad.net/horizon/+bug/1322197
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/horizon/+bug/1322197
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1116090
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1116090
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3474
8
reference_url https://github.com/openstack/horizon/commit/32a7b713468161282f2ea01d5e2faff980d924cd
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/32a7b713468161282f2ea01d5e2faff980d924cd
9
reference_url https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f
10
reference_url https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985
11
reference_url https://opendev.org/openstack/horizon
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/horizon
12
reference_url https://review.opendev.org/c/openstack/horizon/+/105476
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.opendev.org/c/openstack/horizon/+/105476
13
reference_url https://review.openstack.org/#/c/105477
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/105477
14
reference_url http://www.openwall.com/lists/oss-security/2014/07/08/6
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/07/08/6
15
reference_url http://www.securityfocus.com/bid/68460
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/68460
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
reference_id 754255
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754255
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
20
reference_url https://access.redhat.com/security/cve/CVE-2014-3474
reference_id CVE-2014-3474
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3474
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3474
reference_id CVE-2014-3474
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3474
22
reference_url https://github.com/advisories/GHSA-j57p-g33w-95c5
reference_id GHSA-j57p-g33w-95c5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j57p-g33w-95c5
23
reference_url https://usn.ubuntu.com/2323-1/
reference_id USN-2323-1
reference_type
scores
url https://usn.ubuntu.com/2323-1/
fixed_packages
0
url pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
purl pkg:deb/debian/horizon@2014.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@2014.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:18.6.2-5%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/horizon@3:23.0.0-5%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:23.0.0-5%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
purl pkg:deb/debian/horizon@3:25.3.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.3.0-3%3Fdistro=trixie
4
url pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
purl pkg:deb/debian/horizon@3:25.7.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie
aliases CVE-2014-3474, GHSA-j57p-g33w-95c5
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zxjy-82n2-mkdb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/horizon@3:25.7.1-1%3Fdistro=trixie