7 matches found
CVE-2025-66411
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...
CVE-2025-66411
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...
CVE-2025-66411 Coder logged sensitive objects unsanitized
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...
CVE-2025-66411 Coder logged sensitive objects unsanitized
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...
GO-2025-3981 Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning in github.com/gardener/gardener-extension-provider-aws
Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning in github.com/gardener/gardener-extension-provider-aws...
EUVD-2025-27069
Malicious code in bioql PyPI...
SUSE CVE-2025-58437
Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be compromised through insecure session handling in prebuilt workspaces. Coder automatically generates a session token for a user when a workspace...