{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T22:43:01.117","vulnerabilities":[{"cve":{"id":"CVE-2023-33189","sourceIdentifier":"security-advisories@github.com","published":"2023-05-30T06:16:37.937","lastModified":"2024-11-21T08:05:05.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Pomerium is an identity and context-aware access proxy. With specially crafted requests, incorrect authorization decisions may be made by Pomerium. This issue has been patched in versions 0.17.4, 0.18.1, 0.19.2, 0.20.1, 0.21.4 and 0.22.2."},{"lang":"es","value":"Pomerium es un proxy de acceso consciente de la identidad y el contexto. Con peticiones manipuladas, Pomerium puede tomar decisiones de autorizaciĆ³n incorrectas. Este problema ha sido corregido en las versiones 0.17.4, 0.18.1, 0.19.2, 0.20.1, 0.21.4 y 0.22.2. "}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:*:*:*:*:*:*:*:*","versionEndExcluding":"0.17.4","matchCriteriaId":"BB4624AE-F046-4907-A7E2-30415D3C243A"},{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:*:*:*:*:*:*:*:*","versionStartIncluding":"0.19.0","versionEndExcluding":"0.19.2","matchCriteriaId":"B8B01C39-CC4A-4A3C-850E-0C6DE43B8C45"},{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:*:*:*:*:*:*:*:*","versionStartIncluding":"0.21.0","versionEndExcluding":"0.21.4","matchCriteriaId":"74933B5D-F984-414E-81D1-74D1447E6B28"},{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:*:*:*:*:*:*:*:*","versionStartIncluding":"0.22.0","versionEndExcluding":"0.22.2","matchCriteriaId":"B7F7CBF8-0778-4DF2-AF60-B8C12E42B896"},{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:0.18.0:*:*:*:*:*:*:*","matchCriteriaId":"0A86D41E-451B-4696-8993-AF8734BDDBF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:pomerium:pomerium:0.20.0:*:*:*:*:*:*:*","matchCriteriaId":"6754E0E9-C41E-4568-9E16-3EDF00CF5A62"}]}]}],"references":[{"url":"https://github.com/pomerium/pomerium/commit/d315e683357a9b587ba9ef399a8813bcc52fdebb","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.17.4","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.18.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.19.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.20.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.21.4","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.22.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/security/advisories/GHSA-pvrc-wvj2-f59p","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/pomerium/pomerium/commit/d315e683357a9b587ba9ef399a8813bcc52fdebb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.17.4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.18.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.19.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.20.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.21.4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/releases/tag/v0.22.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/pomerium/pomerium/security/advisories/GHSA-pvrc-wvj2-f59p","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}