mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
Muhammad Atif Ali
419eba5fb6
Closes #13434 Supersedes #14182 --------- Co-authored-by: Ethan <39577870+ethanndickson@users.noreply.github.com> Co-authored-by: Ethan Dickson <ethan@coder.com> Co-authored-by: Ben Potter <ben@coder.com> Co-authored-by: Stephen Kirby <58410745+stirby@users.noreply.github.com> Co-authored-by: Stephen Kirby <me@skirby.dev> Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com> Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
21 lines
1.2 KiB
Markdown
21 lines
1.2 KiB
Markdown
# Security Advisories
|
|
|
|
> If you discover a vulnerability in Coder, please do not hesitate to report it
|
|
> to us by following the instructions
|
|
> [here](https://github.com/coder/coder/blob/main/SECURITY.md).
|
|
|
|
From time to time, Coder employees or other community members may discover
|
|
vulnerabilities in the product.
|
|
|
|
If a vulnerability requires an immediate upgrade to mitigate a potential
|
|
security risk, we will add it to the below table.
|
|
|
|
Click on the description links to view more details about each specific
|
|
vulnerability.
|
|
|
|
---
|
|
|
|
| Description | Severity | Fix | Vulnerable Versions |
|
|
| --------------------------------------------------------------------------------------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------- |
|
|
| [API tokens of deleted users not invalidated](https://github.com/coder/coder/blob/main/docs/security/0001_user_apikeys_invalidation.md) | HIGH | [v0.23.0](https://github.com/coder/coder/releases/tag/v0.23.0) | v0.8.25 - v0.22.2 |
|