Github.Com Docker Compose V2 vulnerabilities
2 known vulnerabilities affecting github.com/docker_compose_v2.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1UNKNOWN1
Vulnerabilities
Page 1 of 1
CVE-2025-15558UNKNOWN≥ 2.31.02026-03-10
CVE-2025-15558 Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli
Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli
Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli
osv
CVE-2025-62725HIGH≥ 2.34.0, < 2.40.22025-10-27
CVE-2025-62725 [HIGH] CWE-20 Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations
Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations
Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory an
ghsaosv