Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/horizon@18.3.2
purl pkg:pypi/horizon@18.3.2
Next non-vulnerable version 18.3.3
Latest non-vulnerable version 20.2.0
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-bz2p-kcg8-nuc6
Aliases:
CVE-2020-29565
GHSA-f8fh-xp28-q59m
PYSEC-2020-45
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.
18.3.3
Affected by 0 other vulnerabilities.
18.6.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:57:08.117551+00:00 GitLab Importer Affected by VCID-bz2p-kcg8-nuc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/horizon/CVE-2020-29565.yml 38.4.0
2026-04-11T23:12:32.732434+00:00 GitLab Importer Affected by VCID-bz2p-kcg8-nuc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/horizon/CVE-2020-29565.yml 38.3.0
2026-04-02T23:20:51.343503+00:00 GitLab Importer Affected by VCID-bz2p-kcg8-nuc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/horizon/CVE-2020-29565.yml 38.1.0
2026-04-01T17:41:31.949816+00:00 GitLab Importer Affected by VCID-bz2p-kcg8-nuc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/horizon/CVE-2020-29565.yml 38.0.0
2026-04-01T15:03:03.290425+00:00 PyPI Importer Affected by VCID-bz2p-kcg8-nuc6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:43:07.176682+00:00 Pypa Importer Affected by VCID-bz2p-kcg8-nuc6 https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2020-45.yaml 38.0.0