pkg:Go/github.com/pomerium/pomerium
18 total CVEsCRITICAL2HIGH4MEDIUM12
✅ Check your installed version
All known vulnerabilities
- CRITICAL10.0CVE-2023-33189Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomerium>= 0.22.0, < 0.22.2
- CRITICAL10.0CVE-2023-33189Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomeriumfrom 0, < 0.17.4, >= 0.18.0, < 0.18.1, >= 0.19.0, < 0.19.2, >= 0.20.0, < 0.20.1, >= 0.21.0, < 0.21.4, >= 0.22.0, < 0.22.2
- >= 0.11.0, < 0.14.8
- HIGH8.6CVE-2021-39162Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomeriumfrom 0, < 0.15.1
- HIGH8.6CVE-2021-39162Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomeriumfrom 0, < 0.15.1
- from 0, < 0.14.8
- MEDIUM6.8CVE-2024-47616Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomeriumfrom 0, < 0.27.1
- MEDIUM6.8CVE-2024-47616Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomeriumfrom 0, < 0.27.1
- MEDIUM6.5CVE-2022-24797Exposure of Sensitive Information in Pomerium in github.com/pomerium/pomerium>= 0.16.0, < 0.17.1
- MEDIUM6.5CVE-2022-24797Exposure of Sensitive Information in Pomerium in github.com/pomerium/pomerium>= 0.16.0, < 0.17.1
- from 0, < 0.13.4
- from 0, < 0.13.4
- MEDIUM6.1CVE-2021-29652pomerium_signature is not verified in middleware in github.com/pomerium/pomerium>= 0.10.0, < 0.13.4
- MEDIUM6.1CVE-2021-29652pomerium_signature is not verified in middleware in github.com/pomerium/pomerium>= 0.10.0, < 0.13.4
- MEDIUM5.7CVE-2024-39315Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomeriumfrom 0, < 0.26.1
- MEDIUM5.7CVE-2024-39315Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomeriumfrom 0, < 0.26.1
- >= 0.14.0, < 0.15.6
- from 0, < 0.15.6