10 matches found
CVE-2025-59157
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...
EUVD-2025-206243
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...
CVE-2025-59157 Coolify has Git Repository RCE
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...
CVE-2025-59157
CVE-2025-59157 – Coolify Git Repository RCE . Multiple sources describe a command-injection flaw in Coolify prior to 4.0.0-beta.420.7, triggered by unsanitized input in the Git Repository field during project creation/deployment workflows. The issue allows an attacker with regular member privileg...
EUVD-2025-25912
Malicious code in bioql PyPI...
CVE-2025-34161
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creatio...
CVE-2025-34161
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creatio...
CVE-2025-34161
CVE-2025-34161 affects Coolify versions prior to v4.0.0-beta.420.7. A remote code execution flaw exists in the project deployment workflow: authenticated users with low privileges can inject arbitrary shell commands through the Git Repository field during project creation, leading to arbitrary co...
CVE-2025-34161
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creatio...
PT-2025-34901
Name of the Vulnerable Software and Affected Versions: Coolify versions prior to v4.0.0-beta.420.7 Description: Coolify is vulnerable to a remote code execution issue in the project deployment workflow. Authenticated users with low-level member privileges can inject arbitrary shell commands via t...