CVE-2021-29652
The CVE-2021-29652 case concerns the open redirect in Pomerium versions 0.10.0–0.13.3 during sign-in/out. Public sources (OSV/GHSA) tie the issue to insufficient verification of the pomerium_signature in the middleware, enabling redirection to potentially untrusted targets. A patch exists in v0.1...