Vulnerabilities in pomerium
8 resultsCVE-2021-39204HIGHExcessive CPU usage in PomeriumEPSS 1.6%CVE-2021-39162HIGHIncorrect handling of H2 GOAWAY + SETTINGS framesEPSS 1.6%CVE-2021-39206HIGHIncorrect Authorization with specially crafted requestsEPSS 1.4%CVE-2022-24797MEDIUMExposure of Sensitive Information in PomeriumEPSS 1.3%CVE-2023-33189CRITICALIncorrect Authorization with specially crafted requestsEPSS 0.9%CVE-2021-41230MEDIUMOIDC claims not updated from Identity Provider in PomeriumEPSS 0.8%CVE-2024-47616MEDIUMPomerium's service account access token may grant unintended access to databroker APIEPSS 0.6%CVE-2024-39315MEDIUMPomerium exposed OAuth2 access and ID tokens in user info endpoint responseEPSS 0.4%