An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS14cXYyLTN2dnEtcWc2cs4AAvkJ

Moderate EPSS: 0.00106% (0.29553 Percentile) EPSS:

Hashicorp Boundary vulnerable to clickjacking

Affected Packages Affected Versions Fixed Versions
go:github.com/hashicorp/boundary <= 0.11.0 No known fixed version
5 Dependent packages
3 Dependent repositories

Affected Version Ranges

All affected versions

0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.3.0, 0.4.0, 0.5.0, 0.5.1, 0.6.0, 0.6.1, 0.6.2, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.11.0

Hashicorp Boundary is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.

References: