For other security tips, visit our guide to security best practices.
Security Advisories
Caution If you discover a vulnerability in Coder, please do not hesitate to report it to us by following the security policy.
From time to time, Coder employees or other community members may discover vulnerabilities in the product.
If a vulnerability requires an immediate upgrade to mitigate a potential security risk, we will add it to the below table.
Click on the description links to view more details about each specific vulnerability.
| Description | Severity | Fix | Vulnerable Versions |
|---|---|---|---|
| API tokens of deleted users not invalidated | HIGH | v0.23.0 | v0.8.25 - v0.22.2 |