CNNVD-202601-845 Information

CNNVD ID

CNNVD-202601-845

Related CVE

CVE-2025-59157

• CNNVD Published: 2026-01-05

Description (Chinese)

Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify 4.0.0-beta.420.7之前版本存在操作系统命令注入漏洞，该漏洞源于Git Repository字段输入清理不当，可能导致命令注入。

Description (English)

Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. Prior to the version of Coolify 4.0.0-beta.420.7, there was a gap in the operating system commands, which resulted from the inappropriate clean-up of the Git Repository field, which could lead to the injection of orders.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

coolLabs

Published

2026-01-05

Last Modified

2026-02-24

References

https://github.com/coollabsio/coolify/security/advisories/GHSA-5cg9-38qj-8mc3 https://access.redhat.com/security/cve/cve-2025-59157

Patch

https://github.com/coollabsio/coolify/releases