346 matches found
Coder vulnerable to privilege escalation could lead to a cross workspace compromise
Summary: Insecure session handling opened room for a privilege escalation scenario in which prebuilt workspaces could be compromised by abusing a shared system identity. Details: Coder automatically generates a session token for a user when a workspace is started. It is automatically exposed via...
GHSA-J6XF-JWRJ-V5QP Coder vulnerable to privilege escalation could lead to a cross workspace compromise
Summary: Insecure session handling opened room for a privilege escalation scenario in which prebuilt workspaces could be compromised by abusing a shared system identity. Details: Coder automatically generates a session token for a user when a workspace is started. It is automatically exposed via...
PT-2025-36355
Name of the Vulnerable Software and Affected Versions: Coder versions 2.22.0 through 2.24.3; Coder versions 2.25.0 and 2.25.1. Description: Coder allows organizations to provision remote development environments via Terraform. In affected versions, Coder can be compromised through insecure session...
PT-2025-36626
Summary: Insecure session handling opened room for a privilege escalation scenario in which prebuilt workspaces could be compromised by abusing a shared system identity. Details: Coder automatically generates a session token for a user when a workspace is started. It is automatically exposed via...
npm packing does not respect root-level ignore files in workspaces
...
Malicious code in workspaces-shadow-example (npm)
The package workspaces-shadow-example was found to contain malicious code...
MAL-2025-39458 Malicious code in workspaces-shadow-example (npm)
The package workspaces-shadow-example was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2019-6342
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces...
Beyond the Scope: Security Testing of Permission Management in Team Workspace
Nowadays team workspaces are widely adopted for multi-user collaboration and digital resource management. To further broaden real-world applications, mainstream team workspaces platforms, such as Google Workspace and Microsoft OneDrive, allow third-party applications referred to as add-ons to be...
CVE-2024-6039
A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2022-1805
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only...
CVE-2021-43637
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet...
CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9...
GO-2025-3538 kcp allows unauthorized creation and deletion of objects in arbitrary workspaces through APIExport Virtual Workspace in github.com/kcp-dev/kcp
kcp allows unauthorized creation and deletion of objects in arbitrary workspaces through APIExport Virtual Workspace in github.com/kcp-dev/kcp...
Improper Authorization
Overview: Affected versions of this package are vulnerable to Improper Authorization through the APIExport VirtualWorkspace. An attacker can create and delete objects in arbitrary target workspaces without the necessary permissions by exploiting this vulnerability. Workaround: This vulnerability ca...
CVE-2025-29922
kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.26.3, the identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources. By...
CVE-2025-0501
An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...
CVE-2025-0500
An issue in the native clients for Amazon WorkSpaces when running Amazon DCV protocol, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle...
Amazon WorkSpaces < 5.21.0 MITM
The version of Amazon WorkSpaces installed on the host is vulnerable to a man-in-the-middle vulnerability, allowing an attacker to access remote sessions. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Amazon WorkSpaces < 5.22.1 MITM
The version of Amazon WorkSpaces installed on the host is vulnerable to a man-in-the-middle vulnerability, allowing an attacker to access remote sessions. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...