Every CVE whose affected-product data names Hashicorp Boundary, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-36130 — CVSS 9.9 (critical): HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct…
CVE-2024-1052 — CVSS 8.0 (high): Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with…
CVE-2022-36182 — CVSS 6.1 (medium): Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to…
CVE-2024-12289 — CVSS 5.9 (medium): Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the…
CVE-2023-0690 — CVSS 5.0 (medium): HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS)…