coder-v2/coder-provisioner
External provisioner daemon for Coder. This is an Enterprise feature; contact sales@coder.com.
Security Advisories for coder-v2/coder-provisioner in helm
Potential
High
6 months ago
Coder vulnerable to privilege escalation could lead to a cross workspace compromise
go
github.com/coder/coder/v2
Potential
Low
6 months ago
Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token
go
github.com/coder/coder/v2
Potential
Moderate
over 1 year ago
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect')
go
github.com/coder/coder/v2
Potential
High
almost 2 years ago
Coder's OIDC authentication allows email with partially matching domain to register
go
github.com/coder/coder, github.com/coder/coder/v2