Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2
purl pkg:deb/debian/horizon@3:18.6.2-5%2Bdeb11u2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-bz2p-kcg8-nuc6 An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL. CVE-2020-29565
GHSA-f8fh-xp28-q59m
PYSEC-2020-45
VCID-jg5v-wx6x-g3ah Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter. CVE-2022-45582
GHSA-5pv6-rprw-82wv
PYSEC-2023-153

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T16:50:35.246390+00:00 Debian Oval Importer Fixing VCID-jg5v-wx6x-g3ah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:49:01.762811+00:00 Debian Oval Importer Fixing VCID-bz2p-kcg8-nuc6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:37:22.047048+00:00 Debian Oval Importer Fixing VCID-jg5v-wx6x-g3ah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:23:40.983514+00:00 Debian Oval Importer Fixing VCID-bz2p-kcg8-nuc6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:28:06.589291+00:00 Debian Oval Importer Fixing VCID-jg5v-wx6x-g3ah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0