2 matches found
EUVD-2025-27069
Malicious code in bioql PyPI...
CVE-2025-58437
Coder versions 2.22.0–2.24.3, 2.25.0–2.25.1 are affected by insecure session handling in prebuilt workspaces, exposing a session token via coder_workspace_owner.session_token. In prebuilt workspaces, the prebuilds system user initially owns the workspace; when a workspace is claimed, a new sessio...