CNNVD-202601-822 Information

CNNVD ID

CNNVD-202601-822

Related CVE

CVE-2025-64424

• CNNVD Published: 2026-01-05

Description (Chinese)

Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify v4.0.0-beta.434及之前版本存在安全漏洞，该漏洞源于资源git源输入字段存在命令注入，可能导致以根用户身份执行系统命令。

Description (English)

Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. There is a security loophole in Coolify v. 4.0.0-beta 434 and earlier versions, which stems from the existence of command injections in the resourcegit source input field, which may result in the system ’ s command being executed as a root user.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

coolLabs

Published

2026-01-05

Last Modified

2026-02-24

References

https://drive.google.com/file/d/1rk7AYxNDkJUwo8uWbzX62PpBxpDYeyrZ/view?usp=drive_link https://github.com/coollabsio/coolify/security/advisories/GHSA-qx24-jhwj-8w6x

Patch

https://coolify.io/