VulnerableCode Package Details - pkg:deb/debian/horizon@3:14.0.2-3%2Bdeb10u2

Search for packages

Vulnerability	Summary	Fixed by
VCID-bz2p-kcg8-nuc6 Aliases: CVE-2020-29565 GHSA-f8fh-xp28-q59m PYSEC-2020-45	An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.	3:18.6.2-5+deb11u2 Affected by 0 other vulnerabilities.
VCID-jg5v-wx6x-g3ah Aliases: CVE-2022-45582 GHSA-5pv6-rprw-82wv PYSEC-2023-153	Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.	3:18.6.2-5+deb11u2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-bz2p-kcg8-nuc6
Aliases:
CVE-2020-29565
GHSA-f8fh-xp28-q59m
PYSEC-2020-45

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.

3:18.6.2-5+deb11u2
Affected by 0 other vulnerabilities.

VCID-jg5v-wx6x-g3ah
Aliases:
CVE-2022-45582
GHSA-5pv6-rprw-82wv
PYSEC-2023-153

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.

3:18.6.2-5+deb11u2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-bz2p-kcg8-nuc6	An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.	CVE-2020-29565 GHSA-f8fh-xp28-q59m PYSEC-2020-45

Vulnerability

Summary

Aliases

VCID-bz2p-kcg8-nuc6

CVE-2020-29565
GHSA-f8fh-xp28-q59m
PYSEC-2020-45

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T16:50:35.242479+00:00	Debian Oval Importer	Affected by	VCID-jg5v-wx6x-g3ah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:52:01.964502+00:00	Debian Oval Importer	Fixing	VCID-bz2p-kcg8-nuc6	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-11T22:49:01.759203+00:00	Debian Oval Importer	Affected by	VCID-bz2p-kcg8-nuc6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:37:22.042992+00:00	Debian Oval Importer	Affected by	VCID-jg5v-wx6x-g3ah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:40:16.553548+00:00	Debian Oval Importer	Fixing	VCID-bz2p-kcg8-nuc6	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-08T22:23:40.979396+00:00	Debian Oval Importer	Affected by	VCID-bz2p-kcg8-nuc6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:28:06.577268+00:00	Debian Oval Importer	Affected by	VCID-jg5v-wx6x-g3ah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:13:18.201026+00:00	Debian Oval Importer	Fixing	VCID-bz2p-kcg8-nuc6	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0