Low: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-django-horizon) security update

An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.2.4 Train on Red Hat Enterprise Linux RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

RHEL 8 : python-django-horizon (RHSA-2020:5411)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5411 advisory. OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources...

RHEL 7 : python-django-horizon (RHSA-2020:5572)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5572 advisory. OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources...

Moderate: Red Hat Security Advisory: python-django-horizon security update

An update for python-django-horizon is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

python-django-horizon: dashboard allows open redirect

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

python-django-horizon: dashboard allows open redirect

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

CVE-2020-29565

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

CVE-2012-5474

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

Design/Logic Flaw

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

CVE-2012-5474

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

Cross-site Scripting (XSS)

OpenStack Dashboard Horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Two security issues were discovered in the Horizon dashboard and are addressed in this update: A cross-site scripting XSS flaw was found in the Horizo...

Cross-site Scripting (XSS)

python-django-horizon is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the descriptio...

Cross-site Scripting (XSS)

python-django-horizon is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via...

Fedora 23 : python-django-horizon (2016-e538b11379)

Security fix for CVE-2016-4428, rebase to 2015.1.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Update for python-django-horizon FEDORA-2016-e538b11379

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: python-django-horizon security, bug fix, and enhancement update

An update for python-django-horizon is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: python-django-horizon security update

An update for python-django-horizon is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: python-django-horizon and python-django-openstack-auth update

Updated python-django-horizon and python-django-openstack-auth packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security...

Moderate: Red Hat Security Advisory: python-django-horizon and python-django-openstack-auth update

Updated python-django-horizon and python-django-openstack-auth packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security...

Fedora 21 : python-django-horizon-2014.1.3-2.fc21 (2014-17177)

fix for CVE-2014-8124 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...