Docker Compose Remote OCI Path Traversal (v2.39 & earlier)
CVE-2025-62725 Published on October 27, 2025
Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations
Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attackersupplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory and writes the file there. This affects any platform or workflow that resolves remote OCI compose artifacts, Docker Desktop, standalone Compose binaries on Linux, CI/CD runners, cloud dev environments is affected. An attacker can escape the cache directory and overwrite arbitrary files on the machine running docker compose, even if the user only runs readonly commands such as docker compose config or docker compose ps. This issue is fixed in v2.40.2.
Weakness Type
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2025-62725 has been classified to as a Directory traversal vulnerability or weakness.
Products Associated with CVE-2025-62725
Want to know whenever a new CVE is published for Docker Compose? stack.watch will email you.
Affected Versions
docker compose Version < 2.40.2 is affected by CVE-2025-62725Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.