horizon@20.1.2 vulnerabilities

OpenStack Dashboard

Direct Vulnerabilities

Known vulnerabilities in the horizon package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Open Redirect

Affected versions of this package are vulnerable to Open Redirect due to the success_url parameter. An attacker can misguide users to a malicious site by manipulating the redirection path.

How to fix Open Redirect?

Upgrade horizon to version 20.1.4 or higher.

[19.4.0,20.1.4)