2 matches found
CVE-2025-66411
Summary of CVE-2025-66411 (Coder) Coder prior to versions 2.26.5, 2.27.7, and 2.28.4 logs Workspace Agent manifests containing sensitive values in plaintext. This could allow an attacker with limited local access to a Coder Workspace (VM, Kubernetes Pod, etc.) or a connected logging system (e.g.,...
CVE-2025-66411 Coder logged sensitive objects unsanitized
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...