Coollabs

Coolify

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2025-22612

Exploit
  • EPSS 0.71%
  • Veröffentlicht 24.01.2025 17:15:15
  • Zuletzt bearbeitet 19.09.2025 15:27:33

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve any existing private keys on a coolify instance in...

9.9

CVE-2025-22611

Exploit
  • EPSS 0.65%
  • Veröffentlicht 24.01.2025 17:15:15
  • Zuletzt bearbeitet 19.09.2025 15:26:56

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to escalate his or any other team members privileges to any r...

6.5

CVE-2025-22610

Exploit
  • EPSS 0.19%
  • Veröffentlicht 24.01.2025 17:15:15
  • Zuletzt bearbeitet 19.09.2025 15:26:31

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the global coolify instance OAuth configuration. Thi...

10

CVE-2025-22609

Exploit
  • EPSS 0.71%
  • Veröffentlicht 24.01.2025 17:15:15
  • Zuletzt bearbeitet 19.09.2025 15:21:59

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to attach any existing private key on a coolify instance to h...

6.5

CVE-2025-22608

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.01.2025 17:15:14
  • Zuletzt bearbeitet 19.09.2025 15:14:44

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to revoke any team invitations on a Coolify instance by only ...

5.5

CVE-2025-22607

  • EPSS 0.12%
  • Veröffentlicht 24.01.2025 16:15:38
  • Zuletzt bearbeitet 19.09.2025 15:12:55

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the details page for any GitHub / GitLab configurati...

7.8

CVE-2025-22606

Exploit
  • EPSS 0.27%
  • Veröffentlicht 24.01.2025 16:15:38
  • Zuletzt bearbeitet 19.09.2025 15:12:30

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In version 4.0.0-beta.358 and possibly earlier versions, when creating or updating a "project," it is possible to inject arbitrary shell commands by a...

7.8

CVE-2025-22605

Exploit
  • EPSS 0.22%
  • Veröffentlicht 24.01.2025 15:15:12
  • Zuletzt bearbeitet 19.09.2025 15:10:25

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of commands on remote servers allows an authenticated ...