Information on source package horizon

Available versions

ReleaseVersion
wheezy2012.1.1-10
wheezy (security)2012.1.1-10+deb7u1
jessie (security)2014.1.3-7+deb8u2
stretch3:10.0.1-1
buster3:10.0.1-1
sid3:10.0.1-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2014-8124vulnerable (no DSA)fixedfixedfixedfixedOpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before ...
CVE-2014-3475vulnerable (no DSA)fixedfixedfixedfixedCross-site scripting (XSS) vulnerability in the Users panel ...
CVE-2014-3474vulnerable (no DSA)fixedfixedfixedfixedCross-site scripting (XSS) vulnerability in ...
CVE-2014-3473vulnerable (no DSA)fixedfixedfixedfixedCross-site scripting (XSS) vulnerability in the Orchestration/Stack ...

Resolved issues

BugDescription
CVE-2017-7400OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 ...
CVE-2016-4428Cross-site scripting (XSS) vulnerability in OpenStack Dashboard ...
CVE-2015-3988Multiple cross-site scripting (XSS) vulnerabilities in OpenStack ...
CVE-2015-3219Cross-site scripting (XSS) vulnerability in the Orchestration/Stack ...
CVE-2015-0271The log-viewing function in the Red Hat redhat-access-plugin before ...
CVE-2014-8578Cross-site scripting (XSS) vulnerability in the Groups panel in ...
CVE-2014-3594Cross-site scripting (XSS) vulnerability in the Host Aggregates ...
CVE-2014-0157Cross-site scripting (XSS) vulnerability in the Horizon Orchestration ...
CVE-2013-6858Multiple cross-site scripting (XSS) vulnerabilities in OpenStack ...
CVE-2013-4471The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 ...
CVE-2012-5476
CVE-2012-5474
CVE-2012-3540Open redirect vulnerability in views/auth_forms.py in OpenStack ...
CVE-2012-2144Session fixation vulnerability in OpenStack Dashboard (Horizon) ...
CVE-2012-2094Cross-site scripting (XSS) vulnerability in the refresh mechanism in ...

Security announcements

DSA / DLADescription
DSA-3617-1horizon - security update
DLA-520-1horizon - security update

Search for package or bug name: Reporting problems