CVE-2022-36182
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-36182
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-36182.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-36182
- Aliases
- Published
- 2022-10-27T13:15:10.750Z
- Modified
- 2025-11-20T12:08:29.048650Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.
- References
Affected packages
Git / github.com/hashicorp/boundary
Affected ranges
- Type
- GIT
- Repo
- https://github.com/hashicorp/boundary
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
api/v0.*
api/v0.0.1
api/v0.0.10
api/v0.0.11
api/v0.0.12
api/v0.0.13
api/v0.0.14
api/v0.0.15
api/v0.0.16
api/v0.0.17
api/v0.0.18
api/v0.0.19
api/v0.0.2
api/v0.0.20
api/v0.0.21
api/v0.0.22
api/v0.0.23
api/v0.0.24
api/v0.0.25
api/v0.0.26
api/v0.0.27
api/v0.0.28
api/v0.0.29
api/v0.0.3
api/v0.0.30
api/v0.0.4
api/v0.0.5
api/v0.0.6
api/v0.0.7
api/v0.0.8
api/v0.0.9
sdk/v0.*
sdk/v0.0.1
sdk/v0.0.10
sdk/v0.0.11
sdk/v0.0.12
sdk/v0.0.13
sdk/v0.0.14
sdk/v0.0.15
sdk/v0.0.16
sdk/v0.0.17
sdk/v0.0.18
sdk/v0.0.19
sdk/v0.0.2
sdk/v0.0.20
sdk/v0.0.21
sdk/v0.0.22
sdk/v0.0.23
sdk/v0.0.3
sdk/v0.0.4
sdk/v0.0.5
sdk/v0.0.6
sdk/v0.0.7
sdk/v0.0.8
sdk/v0.0.9
v0.*
v0.1.0
v0.1.0-beta.1
v0.1.0-beta.3
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.10.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.4.0
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.7.0
v0.7.1
v0.7.4
v0.7.5
v0.7.6
v0.8.0
v0.9.0
v0.9.1