# Security Advisories

> If you discover a vulnerability in Coder, please do not hesitate to report it
> to us by following the instructions
> [here](https://github.com/coder/coder/blob/main/SECURITY.md).

From time to time, Coder employees or other community members may discover
vulnerabilities in the product.

If a vulnerability requires an immediate upgrade to mitigate a potential
security risk, we will add it to the below table.

Click on the description links to view more details about each specific
vulnerability.

---

| Description                                                                        | Severity | Fix                                                            | Vulnerable Versions |
| ---------------------------------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------- |
| [API tokens of deleted users not invalidated](./0001_user_apikeys_invalidation.md) | HIGH     | [v0.23.0](https://github.com/coder/coder/releases/tag/v0.23.0) | v0.8.25 - v0.22.2   |