Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/04 8:12 p.m.3 views

CVE-2025-66411

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS6.5AI score0.00203EPSS
Exploits1References1
NVD
NVD
added 2025/12/03 8:16 p.m.3 views

CVE-2025-66411

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS0.00203EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/03 7:25 p.m.11 views

CVE-2025-66411 Coder logged sensitive objects unsanitized

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS0.00203EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/03 7:25 p.m.2 views

CVE-2025-66411 Coder logged sensitive objects unsanitized

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS6.1AI score0.00203EPSS
Exploits1References5
OSV
OSV
added 2025/10/23 4:25 p.m.6 views

GO-2025-3981 Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning in github.com/gardener/gardener-extension-provider-aws

Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning in github.com/gardener/gardener-extension-provider-aws...

9.9CVSS7.6AI score0.00477EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27069

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.00349EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2025/09/19 11:22 p.m.2 views

SUSE CVE-2025-58437

Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be compromised through insecure session handling in prebuilt workspaces. Coder automatically generates a session token for a user when a workspace...

8.1CVSS6.9AI score0.00349EPSS
Exploits1References2
Rows per page
Query Builder