CVE-2023-33189 Information

Description

Pomerium is an identity and context-aware access proxy. With specially crafted requests incorrect authorization decisions may be made by Pomerium. This issue has been patched in versions 0.17.4 0.18.1 0.19.2 0.20.1 0.21.4 and 0.22.2.

Reference

https://github.com/pomerium/pomerium/releases/tag/v0.21.4 https://github.com/pomerium/pomerium/security/advisories/GHSA-pvrc-wvj2-f59p https://github.com/pomerium/pomerium/releases/tag/v0.22.2 https://github.com/pomerium/pomerium/commit/d315e683357a9b587ba9ef399a8813bcc52fdebb https://github.com/pomerium/pomerium/releases/tag/v0.18.1 https://github.com/pomerium/pomerium/releases/tag/v0.17.4 https://github.com/pomerium/pomerium/releases/tag/v0.19.2 https://github.com/pomerium/pomerium/releases/tag/v0.20.1