Docker Compose vulnerability opens door to host-level writes – patch pronto

Summary

Docker Compose contained a high-severity path traversal bug (CVE-2025-62725, CVSS 8.9) in its handling of OCI-based Compose artifacts that could let attackers trick Compose into writing arbitrary files on the host. Imperva researcher Ron Masas found that Compose trusted layer annotations and performed a literal path join with the local cache directory without canonicalisation or validation, allowing crafted annotations to escape the cache and write anywhere the Compose process could.

Docker responded quickly and released a fix; users are advised to upgrade to Compose v2.40.2. In a related patch, Docker also fixed a Windows Desktop installer DLL hijack (EUVD-2025-36191, 8.8) caused by an insecure DLL search order, addressed in Desktop 4.49.0. The Desktop release notes also warn future releases will require at least Windows 10 22H2 / Windows 11 23H2.

Key Points

  • CVE-2025-62725: Compose’s OCI artifact support trusted layer annotations and could be abused for path traversal, allowing host-level file writes.
  • Imperva’s Ron Masas discovered the flaw; NIST/ENISA assigned high severity ratings (8.9 for Compose, 8.8 for the Desktop installer issue).
  • Attack vector: a malicious remote OCI artifact or crafted annotation that causes Compose to write outside its cache directory.
  • Fixes: upgrade Docker Compose to v2.40.2; upgrade Docker Desktop to 4.49.0 to close the DLL hijack vector.
  • Risk surface: CI/CD runners, local dev stacks, build pipelines and cloud workspaces that consume remote Compose artifacts.
  • Mitigation advice: sanitise and canonicalise paths before writing, validate remote artefacts, follow OWASP and Docker guidance, and keep the host and Docker up to date.
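The summary above describes the flaw as a literal path join between the cache directory and an untrusted layer annotation, and the mitigation bullet asks for canonicalised, validated paths. The Go example below is added here to make that difference concrete; it is not Compose's own code, and the cache directory and annotation strings are constructed sample values. The vulnerable pattern is shown beside a containment check that resolves the joined path and refuses anything that does not stay inside the cache root.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrEscapesCache signals that an annotation-derived path would land outside the cache root.
var ErrEscapesCache = errors.New("layer path escapes cache directory")

// unsafeTarget reproduces the pattern the summary describes: the value taken from a
// layer annotation is joined onto the cache directory and used as-is. filepath.Join
// cleans ".." segments, so a crafted value walks straight out of the cache.
// Illustrative reconstruction only, not Compose's actual code.
func unsafeTarget(cacheDir, annotationPath string) string {
	return filepath.Join(cacheDir, annotationPath)
}

// safeTarget canonicalises the joined path and refuses anything that does not
// stay strictly inside cacheDir.
func safeTarget(cacheDir, annotationPath string) (string, error) {
	// An empty or absolute annotation value is never a legitimate relative layer name.
	if annotationPath == "" || filepath.IsAbs(annotationPath) || strings.ContainsRune(annotationPath, 0) {
		return "", ErrEscapesCache
	}
	root, err := filepath.Abs(cacheDir) // Abs also runs Clean on the result
	if err != nil {
		return "", err
	}
	target := filepath.Clean(filepath.Join(root, annotationPath))
	// Rel is the robust containment check: a plain HasPrefix(target, root) would
	// wrongly accept "/var/cache/compose-evil" for the root "/var/cache/compose".
	rel, err := filepath.Rel(root, target)
	if err != nil {
		return "", err
	}
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesCache
	}
	return target, nil
}

func main() {
	// Constructed sample values: a local cache directory and two annotation strings,
	// one benign and one carrying traversal segments.
	const cache = "/var/cache/compose"
	for _, ann := range []string{"sha256/abc123/compose.yaml", "../../../etc/example-file"} {
		fmt.Printf("annotation %q\n", ann)
		fmt.Printf("  literal join -> %s\n", unsafeTarget(cache, ann))
		if t, err := safeTarget(cache, ann); err != nil {
			fmt.Printf("  checked join -> rejected: %v\n", err)
		} else {
			fmt.Printf("  checked join -> %s\n", t)
		}
	}
}
```

The check is deliberately based on `filepath.Rel` rather than a string prefix: a prefix test passes sibling directories that merely share the root's name, while `Rel` only yields a path without a leading `..` when the target really sits under the root. A file whose name happens to begin with two dots (such as `..hidden`) is still accepted, because only a bare `..` component denotes traversal.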

Context and Relevance

Compose is widely used as a lightweight orchestration layer across development and deployment workflows, making this a meaningful supply-chain and local-host risk. The bug highlights how trusting metadata (in this case, OCI layer annotations in YAML) and reconstructing files automatically from remote sources can quietly breach security boundaries. The separate Windows installer DLL hijack shows Docker has had multiple high-severity fixes recently — so patching quickly is sensible operational hygiene.

Why should I read this

Short and blunt: if you run Docker Compose or Docker Desktop, patch now. An attacker could trick you into fetching a malicious artifact and end up dropping files on your machine or escalating via a DLL placed in a Downloads folder. We skimmed the technical detail and pulled the useful bits — upgrade to Compose v2.40.2 and Desktop 4.49.0, validate OCI artefacts, and keep your host updated. That’s the immediate take-away.

Source

Source: https://www.theregister.com/2025/10/30/docker_compose_desktop_flaws/