Improper Certificate Validation
Coder is vulnerable to Improper Certificate Validation. The vulnerability is due to the AI Bridge Proxy aibridgeproxyd creating a default HTTPS transport with InsecureSkipVerify enabled when no upstream proxy is configured, which allows an on-path man-in-the-middle attacker to present a forged TL...