github.com/pomerium/pomerium/proxy is a Package proxy is a pomerium service that provides reverse proxying of internal routes.
Affected versions of this package are vulnerable to Open Redirect. Using programmatic access on protected sites, an attacker can get a signed login URL with
pomerium_redirect_uri set to an arbitrary URL, which allows redirecting a victim to the attacker’s site, and a JWT leakage.
github.com/pomerium/pomerium/proxy to version 0.13.4 or higher.