UBUNTU-CVE-2022-45582

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2022-45582

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-45582.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2022-45582

Upstream

CVE-2022-45582

Published

2023-08-22T19:16:00Z

Modified

2025-10-24T04:53:59Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Ubuntu - low

Summary

[none]

Details

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.

References

Affected packages

Ubuntu:18.04:LTS / horizon

Package

Name: horizon
Purl: pkg:deb/ubuntu/horizon@3:13.0.3-0ubuntu2?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3:12.*

3:12.0.0-0ubuntu2.1

3:12.0.0-0ubuntu3

3:13.*

3:13.0.0~b1-0ubuntu1

3:13.0.0~b1-0ubuntu2

3:13.0.0-0ubuntu1

3:13.0.0-0ubuntu1.1

3:13.0.1-0ubuntu1

3:13.0.1-0ubuntu2

3:13.0.1-0ubuntu3

3:13.0.1-0ubuntu4

3:13.0.1-0ubuntu5

3:13.0.1-0ubuntu6

3:13.0.2-0ubuntu1

3:13.0.2-0ubuntu2

3:13.0.2-0ubuntu3

3:13.0.3-0ubuntu1

3:13.0.3-0ubuntu2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openstack-dashboard",
            "binary_version": "3:13.0.3-0ubuntu2"
        },
        {
            "binary_name": "openstack-dashboard-ubuntu-theme",
            "binary_version": "3:13.0.3-0ubuntu2"
        },
        {
            "binary_name": "python-django-horizon",
            "binary_version": "3:13.0.3-0ubuntu2"
        },
        {
            "binary_name": "python-django-openstack-auth",
            "binary_version": "3:13.0.3-0ubuntu2"
        },
        {
            "binary_name": "python3-django-openstack-auth",
            "binary_version": "3:13.0.3-0ubuntu2"
        }
    ],
    "priority_reason": "Per upstream bug, this is a minor issue"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-45582.json"

Ubuntu:Pro:20.04:LTS / horizon

Package

Name: horizon
Purl: pkg:deb/ubuntu/horizon@3:18.3.5-0ubuntu2.3+esm1?arch=source&distro=esm-infra/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3:16.*

3:16.0.0-0ubuntu1

3:17.*

3:17.0.0~b1~git2019121712.f7313b74c-0ubuntu1

3:18.*

3:18.0.1~git2020021409.bb959361b-0ubuntu2

3:18.0.1~git2020021409.bb959361b-0ubuntu3

3:18.2.1~git2020032709.2c4470272-0ubuntu1

3:18.2.1~git2020041013.754804667-0ubuntu1

3:18.2.1~git2020041013.754804667-0ubuntu2

3:18.2.1~git2020041013.754804667-0ubuntu3

3:18.3.2-0ubuntu0.20.04.1

3:18.3.2-0ubuntu0.20.04.2

3:18.3.2-0ubuntu0.20.04.4

3:18.3.3-0ubuntu1

3:18.3.4-0ubuntu1

3:18.3.5-0ubuntu1

3:18.3.5-0ubuntu2

3:18.3.5-0ubuntu2.1

3:18.3.5-0ubuntu2.2

3:18.3.5-0ubuntu2.3

3:18.3.5-0ubuntu2.3+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openstack-dashboard",
            "binary_version": "3:18.3.5-0ubuntu2.3+esm1"
        },
        {
            "binary_name": "openstack-dashboard-common",
            "binary_version": "3:18.3.5-0ubuntu2.3+esm1"
        },
        {
            "binary_name": "openstack-dashboard-ubuntu-theme",
            "binary_version": "3:18.3.5-0ubuntu2.3+esm1"
        },
        {
            "binary_name": "python3-django-horizon",
            "binary_version": "3:18.3.5-0ubuntu2.3+esm1"
        },
        {
            "binary_name": "python3-django-openstack-auth",
            "binary_version": "3:18.3.5-0ubuntu2.3+esm1"
        }
    ],
    "priority_reason": "Per upstream bug, this is a minor issue"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-45582.json"

Ubuntu:22.04:LTS / horizon

Package

Name: horizon
Purl: pkg:deb/ubuntu/horizon@4:22.1.1-0ubuntu1.1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4:20.*

4:20.1.0-0ubuntu1

4:20.2.0+git2021120911.fc1012628-0ubuntu1

4:20.2.0+git2022011216.8fe5bbc8d-0ubuntu1

4:21.*

4:21.0.0+git2022030313.dd9e4c82b-0ubuntu2

4:22.*

4:22.1.0-0ubuntu1

4:22.1.0-0ubuntu2

4:22.1.0-0ubuntu2.1

4:22.1.1-0ubuntu1

4:22.1.1-0ubuntu1.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "openstack-dashboard",
            "binary_version": "4:22.1.1-0ubuntu1.1"
        },
        {
            "binary_name": "openstack-dashboard-common",
            "binary_version": "4:22.1.1-0ubuntu1.1"
        },
        {
            "binary_name": "openstack-dashboard-ubuntu-theme",
            "binary_version": "4:22.1.1-0ubuntu1.1"
        },
        {
            "binary_name": "python3-django-horizon",
            "binary_version": "4:22.1.1-0ubuntu1.1"
        },
        {
            "binary_name": "python3-django-openstack-auth",
            "binary_version": "4:22.1.1-0ubuntu1.1"
        }
    ],
    "priority_reason": "Per upstream bug, this is a minor issue"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-45582.json"