Is horizon safe to use?

horizon has 1 known vulnerabilities on the latest version (25.7.2). DepScope rates its health at 67/100 (moderate risk).

What is the latest version of horizon?

The latest version of horizon is 25.7.2, released 2026-04-27.

Does horizon have known vulnerabilities?

Yes. horizon has 1 known vulnerabilities. See depscope.dev/pkg/pypi/horizon for details.

Is horizon deprecated?

No, horizon is actively maintained. Latest release: 25.7.2 (2026-04-27).

What are alternatives to horizon?

Popular alternatives to horizon in PyPI include: boto3, packaging, urllib3, idna, certifi.

What license does horizon use?

horizon is licensed under Apache-2.0.

horizon

pypiv25.7.2

OpenStack Dashboard

License Apache-2.0permissive105 versions1 maintainers59 deps

/ 100

Health

use with caution

[email protected] low health (67/100) — consider alternatives

Update to >= 35eada8a27323c0f83c400177797927aba6bc99b to fix known vulnerabilities

Moderate health score (67/100) — verify manually

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
unknown	CVE-2012-3540	Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.	35eada8a27323c0f83c400177797927aba6bc99b

Health History

Dependency Tree

License Audit

Dependencies (59)

pbr Babel Django django-compressor django-debreach futurist iso8601 keystoneauth1 netaddr oslo.concurrency oslo.config oslo.i18n oslo.policy oslo.serialization oslo.upgradecheck oslo.utils osprofiler libsass Pillow python-cinderclient python-glanceclient python-keystoneclient python-neutronclient python-novaclient python-swiftclient PyYAML qrcode requests semantic-version tzdata XStatic XStatic-Angular XStatic-Angular-Bootstrap XStatic-Angular-FileUpload XStatic-Angular-Gettext XStatic-Angular-lrdragndrop XStatic-Angular-Schema-Form XStatic-Bootstrap-Datepicker XStatic-Bootstrap-SCSS XStatic-bootswatch XStatic-D3 XStatic-Hogan XStatic-Font-Awesome XStatic-Jasmine XStatic-jQuery XStatic-JQuery-Migrate XStatic-JQuery.quicksearch XStatic-JQuery.TableSorter XStatic-jquery-ui XStatic-JSEncrypt XStatic-mdi XStatic-objectpath XStatic-Rickshaw XStatic-roboto-fontface XStatic-smart-table XStatic-Spin XStatic-term.js XStatic-tv4 enmerkar

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/horizon

horizon

pypiv25.7.2

OpenStack Dashboard

License Apache-2.0permissive105 versions1 maintainers59 deps

/ 100

Health

use with caution

[email protected] low health (67/100) — consider alternatives

Update to >= 35eada8a27323c0f83c400177797927aba6bc99b to fix known vulnerabilities

Moderate health score (67/100) — verify manually

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
unknown	CVE-2012-3540	Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.	35eada8a27323c0f83c400177797927aba6bc99b

Health History

Dependency Tree

License Audit

Dependencies (59)

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/horizon