CVE-2025-62725 — Path Traversal in Docker Compose

CWE-22 — Path Traversal CWE-20 — Improper Input Validation7 documents5 sources

Severity

8.9HIGHNVD

EPSS

0.0%

top 87.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Docker Compose Github.com Docker Compose V2 Debian Docker-compose

Timeline

PublishedOct 27

Latest updateOct 30

Description

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory and writes the file there. This affects any platform or workflow that resolves remote OCI compose artifacts, Docker Desktop, standalone Compose binaries on Linux, CI/CD runners, cloud dev en…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Packages3 packages

▶CVEListV5docker/compose< 2.40.2

▶Gogithub.com/docker_compose_v22.34.0 — 2.40.2+1

▶debiandebian/docker-compose

🔴Vulnerability Details

OSV

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations in github.com/docker/compose↗2025-10-30

▶

OSV

CVE-2025-62725: Docker Compose trusts the path information embedded in remote OCI compose artifacts↗2025-10-27

▶

GHSA

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations↗2025-10-27

▶

OSV

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations↗2025-10-27

▶

📋Vendor Advisories

Red Hat

docker-compose: Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations↗2025-10-27

▶

Debian

CVE-2025-62725: docker-compose - Docker Compose trusts the path information embedded in remote OCI compose artifa...↗2025

▶