GO-2022-0783: JWT leak via Open Redirect in Programmatic access in github.com/pomerium/pomerium

  GO-2022-0933: Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomerium

  GO-2023-1800: Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomerium

  GO-2024-2965: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium

  GO-2024-3179: Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomerium