GSA_kwCzR0hTQS14cXYyLTN2dnEtcWc2cs4AAvkJ

Moderate EPSS: 0.00106% (0.29553 Percentile) EPSS:

Permalink JSON

Hashicorp Boundary vulnerable to clickjacking

Affected Packages	Affected Versions	Fixed Versions
go:github.com/hashicorp/boundary	<= 0.11.0	No known fixed version
5 Dependent packages 3 Dependent repositories Affected Version Ranges All affected versions 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.3.0, 0.4.0, 0.5.0, 0.5.1, 0.6.0, 0.6.1, 0.6.2, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.8.0, 0.8.1, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.11.0

Hashicorp Boundary is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-36182
https://owasp.org/www-community/attacks/Clickjacking
https://packetstormsecurity.com/files/168654/Hashicorp-Boundary-Clickjacking.html
https://github.com/advisories/GHSA-xqv2-3vvq-qg6r

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS14cXYyLTN2dnEtcWc2cs4AAvkJ

Hashicorp Boundary vulnerable to clickjacking

Affected Version Ranges

All affected versions

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Date and time

Published

Updated

API