CNNVD-202508-3206 Information
Aug 27, 2025
cve
CNNVD ID
CNNVD-202508-3206
Related CVE
- CNNVD Published: 2025-08-27
Description (Chinese)
Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify v4.0.0-beta.420.6之前版本存在安全漏洞,该漏洞源于应用部署工作流中存在远程代码执行,可能导致获取服务器root权限。
Description (English)
Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. The security gap that existed prior to the version of Coolify v.4.0.0-beta.420.6 stems from the remote code implementation in the application deployment workflow, which may lead to access to server root privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
coolLabs
Published
2025-08-27
Last Modified
2026-02-24
References
https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.420.7 https://github.com/Eyodav/CVE-2025-34159 https://coolify.io/ https://nvd.nist.gov/vuln/detail/CVE-2025-34159
Patch
https://github.com/coollabsio/coolify/releases
Share on: