VYPR

Coolify

by Coolify

CVEs (4)

  • CVE-2025-22610MedJan 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the global coolify instance OAuth configuration. This exposes the "client id" and…

  • CVE-2025-22608MedJan 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to revoke any team invitations on a Coolify instance by only providing a predictable and…

  • CVE-2025-24025MedJan 24, 2025
    risk 0.40cvss 6.1epss 0.00

    Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.380, the tags page allows users to search for tags. If the search does not return any results, the query gets reflected on the error modal, which leads…

  • CVE-2025-22607MedJan 24, 2025
    risk 0.36cvss 5.5epss 0.00

    Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the details page for any GitHub / GitLab configuration on a Coolify instance by…