Affected by GO-2022-0933
and 3 other vulnerabilities
GO-2022-0933: Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomerium
GO-2023-1800: Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomerium
GO-2024-2965: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium
GO-2024-3179: Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomerium
package
Version:
v0.14.4
Opens a new window with list of versions in this module.
Published: May 24, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 7
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Package logutil contains functionality for working with logs.
A Scrubber scrubs potentially sensitive strings from protobuf messages.
NewScrubber creates a new Scrubber.
ScrubProto takes in a protobuf message, clones it and scrubs any non-whitelisted strings.
Whitelist whitelists fields for a given type. The type name should be the full
protobuf typename (ie google.protobuf.Any).
Source Files
¶
Click to show internal directories.
Click to hide internal directories.