PT-2026-1326 · Coolify · Coolify

Published 2026-01-05 · Updated 2026-01-12 · CVE-2025-64419

CVSS v3.1: 9.6 (Critical)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Coolify, versions prior to 4.0.0-beta.445

Description: Coolify is a self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters taken from docker-compose.yaml files are not properly sanitized before being used in commands. An attacker who controls a repository can therefore execute commands as root on the Coolify instance once a victim user creates an application from that repository using the "docker compose" build pack; no privileges are required, but the attack does depend on that user action (UI:R in the vector). Approximately 52,650 internet-exposed instances are estimated to be affected. The vulnerable component is the handling of parameters originating from docker-compose.yaml files.

Recommendations: Update to version 4.0.0-beta.445 or later. Until the fix is confirmed on every instance, restrict external access to Coolify and avoid deploying repositories you do not control with the "docker compose" build pack, since a malicious compose file yields root on the instance.
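The weakness class this advisory describes, a value read from docker-compose.yaml and spliced into a shell command, as an added illustrative example. This is not Coolify's code and makes no claim about which Coolify parameter or command was affected. Assumptions: the compose data is a constructed Python dict standing in for a loaded docker-compose.yaml, `echo` replaces `docker` so the commands run harmlessly without Docker, and the allowlist regexes are a simplified demonstration policy rather than the full Docker image-reference grammar.

```python
"""Illustrative only: shell interpolation of docker-compose values vs. argv and allowlisting."""
import re
import shlex
import subprocess

# Constructed sample (assumption): what a YAML loader would return for a malicious
# repository's docker-compose.yaml. The "image" value smuggles a second shell command.
MALICIOUS_COMPOSE = {
    "services": {
        "web": {
            "image": "app:latest; echo INJECTED",
            "build": {"context": "."},
        }
    }
}

# Simplified allowlist for an image reference (name[:tag][@sha256:digest]). The real
# Docker reference grammar is wider; this is a demonstration policy, not a spec.
IMAGE_REF = re.compile(
    r"^[a-z0-9][a-z0-9._/-]*(:[A-Za-z0-9_.-]{1,128})?(@sha256:[a-f0-9]{64})?$"
)
# Build context: a relative path of safe characters with no parent-directory traversal.
CONTEXT_PATH = re.compile(r"^(?!.*\.\.)[A-Za-z0-9._/-]+$")


def run_unsafe(image: str, context: str) -> str:
    """Vulnerable pattern: the untrusted value is spliced into a shell command string.
    'echo' stands in for 'docker' so the demo is harmless and runs anywhere with sh."""
    cmd = f"echo docker build -t {image} {context}"
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=True).stdout


def run_quoted(image: str, context: str) -> str:
    """Mitigation when a shell is unavoidable: shlex.quote makes each value a single word."""
    cmd = f"echo docker build -t {shlex.quote(image)} {shlex.quote(context)}"
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=True).stdout


def run_safe(image: str, context: str) -> str:
    """Preferred fix: no shell at all; each value is exactly one argv element."""
    argv = ["echo", "docker", "build", "-t", image, context]
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


def validate_image_ref(value: str) -> bool:
    """True only if the value matches the (simplified) image-reference allowlist."""
    return IMAGE_REF.fullmatch(value) is not None


def audit_compose(compose: dict) -> list[str]:
    """Return 'service.field' names whose values fail the allowlist, so a deployment can
    be refused before any command is built from the file."""
    findings = []
    for name, svc in compose.get("services", {}).items():
        image = svc.get("image")
        if image is not None and not validate_image_ref(image):
            findings.append(f"{name}.image")
        build = svc.get("build")
        # Compose allows either `build: <path>` or `build: {context: <path>, ...}`.
        context = build if isinstance(build, str) else (build or {}).get("context")
        if context is not None and CONTEXT_PATH.fullmatch(context) is None:
            findings.append(f"{name}.build.context")
    return findings


if __name__ == "__main__":
    svc = MALICIOUS_COMPOSE["services"]["web"]
    image, context = svc["image"], svc["build"]["context"]
    print("unsafe :", repr(run_unsafe(image, context)))   # second line: INJECTED ran
    print("quoted :", repr(run_quoted(image, context)))   # one line, payload is literal
    print("safe   :", repr(run_safe(image, context)))     # one line, payload is literal
    print("audit  :", audit_compose(MALICIOUS_COMPOSE))   # ['web.image']
```

The argv form is the fix to prefer: the compose value can never become more than one argument, so metacharacters are inert. Quoting is a fallback for code that must go through a shell, and the allowlist is a defence in depth that lets the deployment be rejected early with a clear reason instead of relying on escaping at every call site.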

Exploit · Fix · RCE · Command Injection

Weakness Enumeration

Related Identifiers
CVE-2025-64419
GHSA-234R-XRRG-M8F3

Affected Products
Coolify