3 matches found
CVE-2026-55427
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, coder config-ssh wrote server-supplied SSH settings HostnameSuffix, SSHConfigOptions into the user's /.ssh/config without sanitizing embedded newlines or...
CVE-2026-55427 Coder vulnerable to SSH config injection via unsanitized server-supplied values in `coder config-ssh`
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, coder config-ssh wrote server-supplied SSH settings HostnameSuffix, SSHConfigOptions into the user's /.ssh/config without sanitizing embedded newlines or...
GO-2026-5913 Coder vulnerable to SSH config injection via unsanitized server-supplied values in `coder config-ssh` in github.com/coder/coder
Coder vulnerable to SSH config injection via unsanitized server-supplied values in coder config-ssh in github.com/coder/coder...