code-server Session Token Exfiltration Vulnerability via Malicious Proxy URLs

Vulnerability

A vulnerability in code-server versions prior to 4.99.4 allows session token exfiltration through maliciously crafted URLs that abuse the proxy feature. The flaw stems from improper validation of the port number in proxy requests, which lets a request be proxied to an arbitrary domain. When a user clicks a crafted link referencing the '/proxy' subpath, the request, including the user's session cookies, is proxied to the attacker's domain. With those cookies the attacker can log into code-server and gain full control of the host machine as the user running code-server.
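The advisory identifies the root cause as improper validation of the port segment in proxy requests. The following is an added illustration, not code-server's own code and not its actual fix: it assumes a hypothetical route shape of /proxy/<port>/<rest>, contrasts a lax port parse with a strict one, and pins the upstream host to loopback so a validated port can never select another domain.

```javascript
// Added illustration of strict proxy-port validation. Not code-server's code;
// the route shape /proxy/<port>/<rest> is an assumption for this example.

// Canonical decimal port: no sign, no leading zero, no trailing characters.
const PORT_RE = /^[1-9][0-9]{0,4}$/;

// Strict parse: returns the port as a number in 1..65535, or null.
function parsePortStrict(segment) {
  if (typeof segment !== "string" || !PORT_RE.test(segment)) return null;
  const port = Number(segment);
  return port >= 1 && port <= 65535 ? port : null;
}

// Lax parse, shown only for contrast (hypothetical weak check, not taken from
// code-server): parseInt stops at the first non-digit, so a segment carrying
// trailing characters still "parses" and the junk is silently dropped.
function parsePortLax(segment) {
  const port = parseInt(segment, 10);
  return Number.isNaN(port) ? null : port;
}

// Builds the upstream URL for a proxy path. The host is a fixed loopback
// address, so the only attacker-influenced value is the strictly validated port.
function buildUpstream(path) {
  const m = /^\/proxy\/([^/]*)(\/.*)?$/.exec(path);
  if (!m) return null;
  const port = parsePortStrict(m[1]);
  if (port === null) return null;   // reject rather than guess
  const rest = m[2] || "/";
  return `http://127.0.0.1:${port}${rest}`;
}
```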

Impact

Exploitation of this vulnerability allows attackers to extract users' session cookies, log into code-server with them, and gain full access to the machine where code-server is running, under that user's account.

Remediation

Users can upgrade to code-server version 4.99.4 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.2
impact: 10.0
exploitability: 7.0
remediation: 7.7
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.