Known Vulnerabilities for Horizon by Openstack
Listed below are 10 of the newest known vulnerabilities associated with "Horizon" by "Openstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-29565 | An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5... | 6.1 - MEDIUM | 2020-12-04 | 2021-03-09 |
| CVE-2017-7400 | OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XS... | 4.8 - MEDIUM | 2017-04-03 | 2018-01-05 |
| CVE-2016-4428 | Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows re... | 5.4 - MEDIUM | 2016-07-12 | 2023-02-12 |
| CVE-2015-3988 | Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated user... | 3.5 - LOW | 2015-05-19 | 2016-12-24 |
| CVE-2015-3219 | Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 20... | 4.3 - MEDIUM | 2015-08-20 | 2016-12-24 |
| CVE-2014-3594 | Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2... | 3.5 - LOW | 2014-08-22 | 2023-02-13 |
| CVE-2014-3475 | Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, ... | 3.5 - LOW | 2014-10-31 | 2023-02-13 |
| CVE-2014-3474 | Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in Ope... | 3.5 - LOW | 2014-10-31 | 2023-02-13 |
| CVE-2014-3473 | Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenSta... | 4.3 - MEDIUM | 2014-10-31 | 2023-02-13 |
| CVE-2014-0157 | Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 b... | 4.3 - MEDIUM | 2014-04-15 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openstack | Horizon | juno-3 | All | All | All |
| Application | Openstack | Horizon | juno-2 | All | All | All |
| Application | Openstack | Horizon | juno-1 | All | All | All |
| Application | Openstack | Horizon | folsom-3 | All | All | All |
| Application | Openstack | Horizon | folsom-1 | All | All | All |
| Application | Openstack | Horizon | 2014.2.3 | All | All | All |
| Application | Openstack | Horizon | 2014.2.2 | All | All | All |
| Application | Openstack | Horizon | 2014.2.1 | All | All | All |
| Application | Openstack | Horizon | 2014.2.0 | All | All | All |
| Application | Openstack | Horizon | 2014.1.2 | All | All | All |
| Application | Openstack | Horizon | 2014.1.1 | All | All | All |
| Application | Openstack | Horizon | 2014.1 | All | All | All |
| Application | Openstack | Horizon | 2013.2.4 | All | All | All |
| Application | Openstack | Horizon | 2013.2.3 | All | All | All |
| Application | Openstack | Horizon | 2013.2.2 | All | All | All |
| Application | Openstack | Horizon | 2013.2.1 | All | All | All |
| Application | Openstack | Horizon | 2013.2 | All | All | All |
| Application | Openstack | Horizon | 2013.1 | All | All | All |
| Application | Openstack | Horizon | 2012.2 | All | All | All |
| Application | Openstack | Horizon | 2012.1.1 | All | All | All |