GHSA-w64r-2g3w-w8w4

Source
https://github.com/advisories/GHSA-w64r-2g3w-w8w4
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/09/GHSA-w64r-2g3w-w8w4/GHSA-w64r-2g3w-w8w4.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-w64r-2g3w-w8w4
Aliases
Published
2025-09-29T20:40:26Z
Modified
2025-09-30T15:16:20Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
Coder AgentAPI exposed user chat history via a DNS rebinding attack
Details

Summary

AgentAPI prior to version 0.4.0 was susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost.

Impact

An attacker could have gained access to the /messages endpoint served by the Agent API. This allowed unauthorized exfiltration of sensitive user data, specifically the local message history, which could have included secret keys, file system contents, and intellectual property the user was working on locally.

Remediation

We've implemented a middleware that validates the Origin and Host headers and set a secure-by-default configuration.

Please upgrade to version 0.4.0 or later.
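The remediation above names the fix but not its mechanics. The Go program below is an added example written for this page, not the AgentAPI project's own middleware: it checks the Host header against the names the server expects to be addressed by and, when a browser sends one, the Origin header as well, then exercises the guard in-process with net/http/httptest so it runs offline. The allowed-host list, the port 3284 and the attacker.example hostname are constructed values for the example.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Hosts the server expects to be addressed as. These values are constructed
// for this example; a real deployment loads them from its configuration.
var allowedHosts = map[string]bool{
	"localhost": true,
	"127.0.0.1": true,
	"::1":       true,
}

// canonicalHost strips an optional port and IPv6 brackets from a Host header
// or URL authority and lower-cases the result, so "[::1]:3284" and "::1"
// compare equal.
func canonicalHost(host string) string {
	h := host
	if hostOnly, _, err := net.SplitHostPort(host); err == nil {
		h = hostOnly
	}
	h = strings.TrimSuffix(strings.TrimPrefix(h, "["), "]")
	return strings.ToLower(h)
}

// hostAllowed reports whether the request's Host header names this server.
// In a DNS rebinding attack the browser sends the attacker's domain here,
// because that is the name it resolved, so this check alone already blocks it.
func hostAllowed(host string, allowed map[string]bool) bool {
	return allowed[canonicalHost(host)]
}

// originAllowed reports whether the Origin header, when present, belongs to
// an allowed host. Requests without an Origin (same-origin navigations,
// command-line clients) pass; an opaque "null" origin or an unparsable value
// is rejected because it cannot be attributed to a trusted page.
func originAllowed(origin string, allowed map[string]bool) bool {
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	return allowed[canonicalHost(u.Host)]
}

// rebindingGuard wraps a handler and rejects requests whose Host or Origin
// header does not match the allowed set.
func rebindingGuard(allowed map[string]bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host, allowed) {
			http.Error(w, "forbidden: unexpected Host header", http.StatusForbidden)
			return
		}
		if !originAllowed(r.Header.Get("Origin"), allowed) {
			http.Error(w, "forbidden: unexpected Origin header", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe runs one request with the given Host and Origin headers through the
// guard in-process (httptest, no network) and returns the HTTP status code.
func probe(host, origin string) int {
	guarded := rebindingGuard(allowedHosts, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	}))
	req := httptest.NewRequest(http.MethodGet, "/messages", nil)
	req.Host = host
	if origin != "" {
		req.Header.Set("Origin", origin)
	}
	rec := httptest.NewRecorder()
	guarded.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	cases := []struct{ host, origin string }{
		{"localhost:3284", ""},                                    // local tool, no Origin
		{"localhost:3284", "http://localhost:3284"},               // same-origin browser request
		{"attacker.example:3284", "http://attacker.example:3284"}, // rebinding: Host is the attacker's name
		{"localhost:3284", "http://attacker.example"},             // cross-site request from another page
	}
	for _, c := range cases {
		fmt.Printf("Host=%-24s Origin=%-30s -> %d\n", c.host, c.origin, probe(c.host, c.origin))
	}
}
```

The Host check is the one that defeats rebinding: after the attacker's DNS record flips to 127.0.0.1, the browser still sends the attacker's hostname in Host, which is not in the allowed set. The Origin check covers the remaining cross-site cases and makes the comparison independent of the port the service happens to listen on. Whether to accept requests with no Origin at all is a deployment decision; here they pass so that non-browser local clients keep working.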

Credits

We'd like to thank Evan Harris from mcpsec.dev for reporting this issue and following the coordinated disclosure policy.

Database specific
{
    "severity": "MODERATE",
    "github_reviewed": true,
    "nvd_published_at": "2025-09-30T11:37:41Z",
    "github_reviewed_at": "2025-09-29T20:40:26Z",
    "cwe_ids": [
        "CWE-350"
    ]
}
References

Affected packages

Go / github.com/coder/agentapi

Package

Name
github.com/coder/agentapi
Purl
pkg:golang/github.com/coder/agentapi

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
0.4.0