Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root access to the underlying server.
History

Wed, 27 Aug 2025 19:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 27 Aug 2025 17:00:00 +0000

Type         Values Removed   Values Added
Description                   Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root access to the underlying server.
Title                         Coolify Docker Compose Directive Injection in Application Deployment Workflow
Weaknesses                    CWE-20, CWE-94
References
Metrics                       cvssV4_0: {'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2025-08-27T18:04:24.161Z

Reserved: 2025-04-15T19:15:22.565Z

Link: CVE-2025-34159

Vulnrichment

Updated: 2025-08-27T18:04:18.484Z

NVD

Status: Awaiting Analysis

Published: 2025-08-27T17:15:38.123

Modified: 2025-08-29T16:24:09.860

Link: CVE-2025-34159

Redhat

No data.

OpenCVE Enrichment

No data.