{"data":{"id":"cd739510-5deb-4a48-a075-575660877037","title":"GHSA-v54h-cp2w-9x4g: Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps","summary":"The `coder open app` command (a tool that opens external applications linked to workspaces) was vulnerable to leaking session tokens (secret credentials that prove a user's identity) to attacker-controlled websites. When a workspace's external app URL contained a `$SESSION_TOKEN` placeholder, the command would replace it with the real token before opening the URL, potentially sending it to an attacker's server if they controlled the workspace's app definitions. This could allow an attacker to impersonate the user and access their account.","solution":"Update Coder to a patched version: v2.34.2 (for release line 2.34), v2.33.8 (for 2.33), v2.32.7 (for 2.32), or v2.29.17 (for 2.29 ESR). The fix applies a URL-scheme allowlist (a list of approved website protocols) in the CLI and limits session token substitution to trusted destinations like the web frontend. As a workaround, avoid running `coder open app` for untrusted workspaces.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-v54h-cp2w-9x4g","publishedAt":"2026-07-06T21:07:40.000Z","cveId":"CVE-2026-55431","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":["github.com/coder/coder/v2@< 2.29.17 (fixed: 2.29.17)","github.com/coder/coder/v2@>= 2.30.0, < 2.32.7 (fixed: 2.32.7)","github.com/coder/coder/v2@>= 2.33.0, < 2.33.8 (fixed: 2.33.8)","github.com/coder/coder/v2@>= 2.34.0, < 2.34.2 (fixed: 2.34.2)"],"affectedVendors":[],"affectedVendorsRaw":["Coder"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-07-06T21:07:40.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}