Docker Compose vulnerability opens door to host-level writes
Briefly

He uncovered the high-severity path traversal vulnerability while exploring the tool's recently added support for OCI-based Compose artifacts. "The flaw allowed attackers to escape Compose's cache directory and write arbitrary files on the host system, simply by tricking a user into referencing a malicious remote artifact." "When Compose processed OCI layers it trusted the layer annotations that tell it where to write files," he said.
So an attacker could craft an annotation, and Compose "performed a literal join between its local cache directory and that annotation... No normalization, no canonicalization, no checks that the resulting path stayed inside the cache." That in turn would allow the crafted annotation to traverse out of the cache directory, "and cause Compose to write files anywhere the Compose process had permission to write."
A path traversal vulnerability in Docker Compose's OCI artifact handling allowed attackers to escape the Compose cache and write arbitrary files on the host by referencing a malicious remote artifact. The flaw stemmed from Compose trusting layer annotations and performing a literal join between its cache directory and annotation values without normalization, canonicalization, or boundary checks. The vulnerability received an 8.9 severity rating (CVE-2025-62725) and affects workflows using OCI-based Compose artifacts across CI/CD, development, cloud, and enterprise pipelines. Users are advised to upgrade to Compose v2.40 and sanitize path inputs even in YAML configurations.
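The following is an added illustration of the defect class described above, not Compose's own code: a literal join of cache directory and annotation beside a hardened join that normalizes the annotation, refuses absolute paths, and rejects any result that leaves the cache. The function names and the sample cache path are assumptions for the example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideCache is returned when an annotation-derived path would land
// outside the Compose cache directory.
var ErrOutsideCache = errors.New("layer annotation resolves outside cache directory")

// literalJoin mirrors the vulnerable behaviour the article describes:
// the cache directory and the annotation value are simply concatenated,
// so ".." segments in the annotation are honoured as-is.
func literalJoin(cacheDir, annotation string) string {
	return cacheDir + string(filepath.Separator) + annotation
}

// safeJoin is the hardened form: it normalizes the annotation, refuses
// absolute paths, and verifies the cleaned result still sits inside cacheDir.
// Note: Clean/Join/Rel are lexical only; canonicalizing against pre-existing
// symlinks inside the cache would additionally require filepath.EvalSymlinks.
func safeJoin(cacheDir, annotation string) (string, error) {
	if annotation == "" || filepath.IsAbs(annotation) {
		return "", ErrOutsideCache
	}
	base := filepath.Clean(cacheDir)
	target := filepath.Join(base, annotation) // Join collapses ".." segments lexically
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideCache
	}
	return target, nil
}

func main() {
	cache := "/home/user/.cache/compose" // constructed sample cache path
	for _, a := range []string{"compose.yaml", "sub/compose.yaml", "../../escape.txt", "/etc/escape.txt"} {
		fmt.Printf("literal join: %s\n", literalJoin(cache, a))
		if p, err := safeJoin(cache, a); err != nil {
			fmt.Printf("safe join:    rejected %q: %v\n", a, err)
		} else {
			fmt.Printf("safe join:    %s\n", p)
		}
	}
}
```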
Read at Theregister