GO-2024-3228
and 2 other vulnerabilities
GO-2024-3228 : Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder
GO-2025-3921 : Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder
GO-2025-3938 : Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder
The highest tagged major version is
v2 .
Discover Packages
github.com/coder/coder
buildinfo
package
Version:
v0.6.5
Opens a new window with list of versions in this module.
Published: Jun 9, 2022
License: AGPL-3.0
Opens a new window with license information.
Imports: 5
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
ExternalURL returns a URL referencing the current Coder version.
For production builds, this will link directly to a release.
For development builds, this will link to a commit.
Time returns when the Git revision was published.
Version returns the semantic version of the build.
Use golang.org/x/mod/semver to compare versions.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
The highest tagged major version is
Documentation
¶
Source Files