2 matches found
GHSA-V54H-CP2W-9X4G Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps
Summary coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the CLI replaces it with the user's real session token before handing the URL to the OS open handler. Note: Practical exploitation requir...
CVE-2026-3783
A flaw was found in curl. When an OAuth2 bearer token is used for an HTTPS transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the .netrc file, allowing the bearer token intended for the first host to be sent to the...