#docker-compose

[ follow ]
#cve-2025-62725 #path-traversal #oci-artifacts #dll-hijacking #cve-2025-9164 #rag #vector-database #graph-database
Information security
fromTheregister
2 days ago

Docker Compose vulnerability opens door to host-level writes

Docker Compose's OCI artifact handling had a path traversal vulnerability (CVE-2025-62725) allowing arbitrary host file writes; upgrade to Compose v2.40.
fromTechzine Global
1 day ago

Docker fixes serious vulnerabilities in Compose and Desktop Installer

The bug in Docker Compose was found in October by security researcher Ron Masas of Imperva. Compose is a tool that converts YAML configurations into running container environments and is an important part of countless development and CI/CD processes. Masas discovered that the recent support for OCI-based Compose artifacts did not perform sufficient checks on file locations. When processing these artifacts, Compose relied entirely on the instructions in the so-called layer annotations, which specify where files should be placed.
Information security
DevOps
fromfaun.pub
3 weeks ago

Deploying a Complete RAG Ecosystem with a Single Command: My Ultimate Docker Stack

A single Docker Compose stack provides a ready-to-run local RAG environment combining Ollama, Qdrant, MongoDB, Redis, Neo4j, Keycloak, Mongo Express, and n8n.
Web development
fromInfoQ
3 months ago

Docker Expands Compose for Agent Development and Ties in Cloud Offload Support

Docker launched a feature enabling the definition, building, and running of agents with Docker Compose to enhance development efficiency.
[ Load more ]