CNNVD-202601-829 Information
Jan 05, 2026
cve
CNNVD ID
CNNVD-202601-829
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify v4.0.0-beta.434及之前版本存在安全漏洞,该漏洞源于低权限用户可查看根用户私钥,可能导致以根用户身份通过SSH认证。
Description (English)
Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. There is a security loophole in Coolify v. 4.0.0-beta 434 and earlier versions, which stems from the fact that users with low permission can view the root user ’ s private key, which may result in SSH authentication as a root user.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
coolLabs
Published
2026-01-05
Last Modified
2026-02-24
References
https://github.com/coollabsio/coolify/security/advisories/GHSA-qwxj-qch7-whpc
Patch
https://github.com/coollabsio/coolify/releases
Share on: