Affected by GO-2022-0783
and 5 other vulnerabilities
GO-2022-0783: JWT leak via Open Redirect in Programmatic access in github.com/pomerium/pomerium
GO-2022-0827: pomerium_signature is not verified in middleware in github.com/pomerium/pomerium
GO-2022-0933: Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomerium
GO-2023-1800: Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomerium
GO-2024-2965: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium
GO-2024-3179: Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomerium
package
Version:
v0.12.0
Opens a new window with list of versions in this module.
Published: Jan 8, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Source Files
¶
Click to show internal directories.
Click to hide internal directories.