2026-01-13 15:35:01
redhat
PUBLISHED
A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333.