Lucene search
K

5 matches found

Cvelist
Cvelist
added 20 hours ago11 views

CVE-2026-55431 Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the...

7.7CVSS
Exploits0References6
CVE
CVE
added 20 hours ago13 views

CVE-2026-55431

Coder prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 is vulnerable to session-token leakage via coder open app for external workspace apps. The CLI opens external workspace-app URLs without validating scheme/host, and if a URL contains the placeholder $SESSION_TOKEN, the token is substitute...

7.7CVSS6AI score
Exploits0References6Affected Software1
OSV
OSV
added yesterday5 views

GO-2026-5924 Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps in github.com/coder/coder

Coder's session token leaked to arbitrary hosts via coder open app for external workspace apps in github.com/coder/coder...

7.7CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/24 12:0 a.m.9 views

PT-2023-32588 · Totvs · Totvs Fluig Platform

Name of the Vulnerable Software and Affected Versions: TOTVS Fluig Platform versions 1.6.x through 1.8.1 Description: A problematic issue was found in the TOTVS Fluig Platform, affecting some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation...

6.1CVSS4.3AI score0.02379EPSS
Exploits1References4
CNVD
CNVD
added 2018/04/10 12:0 a.m.2 views

Open Whisper Signal Screen Lock Bypass Vulnerability

Signal is an instant messaging application for private communication with friends. A screen lock bypass vulnerability exists in Open Whisper Signal for iOS before 2.23.2. An immediate attacker can exploit the vulnerability to bypass the screen lock feature through a certain sequence of quick...

6.8CVSS6.5AI score0.00432EPSS
Exploits0References1
Rows per page
Query Builder