CVE-2025-62725

Published Oct 27, 2025

Last updated 5 months ago

Overview

Description
Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory and writes the file there. This affects any platform or workflow that resolves remote OCI compose artifacts: Docker Desktop, standalone Compose binaries on Linux, CI/CD runners and cloud dev environments are all affected. An attacker can escape the cache directory and overwrite arbitrary files on the machine running docker compose, even if the user only runs read‑only commands such as docker compose config or docker compose ps. This issue is fixed in v2.40.2.
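The weakness described above is a classic CWE-22 path join: an untrusted relative path from the artifact is joined onto a trusted cache directory without checking that the result still lies inside it. The Go code below is an added illustration of the containment check a defender would expect at that point; it is not Docker Compose's own code or its actual fix. The annotation keys com.docker.compose.file and com.docker.compose.envfile come from the advisory text; the cache directory path, the function names and the sample annotation values are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrPathEscapesCache is returned when an artifact-supplied path would resolve
// outside the local cache directory (a CWE-22 path traversal attempt).
var ErrPathEscapesCache = errors.New("artifact path escapes cache directory")

// SafeCachePath joins an untrusted, artifact-supplied relative path onto the
// trusted cache directory and rejects any result that does not stay inside it.
// The check is lexical (Clean + Rel); a writer that follows symlinks would
// additionally resolve them (e.g. filepath.EvalSymlinks) before writing.
func SafeCachePath(cacheDir, untrusted string) (string, error) {
	if untrusted == "" {
		return "", errors.New("empty artifact path")
	}
	// The annotation is supposed to be relative to the project root, so an
	// absolute path is never legitimate here.
	if filepath.IsAbs(untrusted) {
		return "", ErrPathEscapesCache
	}
	base := filepath.Clean(cacheDir)
	target := filepath.Join(base, untrusted) // Join also Cleans the result
	rel, err := filepath.Rel(base, target)
	if err != nil {
		return "", err
	}
	// After cleaning, anything outside base is reported relative to it as
	// ".." or "../..."; a name such as "..hidden.env" is still inside and is
	// therefore allowed. Resolving to the cache directory itself (".") is not
	// a usable file path either.
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrPathEscapesCache
	}
	return target, nil
}

// artifactPathAnnotations are the annotation keys (from the advisory) whose
// values Compose turns into file locations under its cache.
var artifactPathAnnotations = []string{
	"com.docker.compose.file",
	"com.docker.compose.envfile",
}

// ResolveLayerAnnotations validates every path-carrying annotation of one
// layer against the cache directory and returns the resolved destinations.
// A single bad annotation rejects the whole layer: nothing is written.
func ResolveLayerAnnotations(cacheDir string, annotations map[string]string) (map[string]string, error) {
	resolved := make(map[string]string)
	for _, key := range artifactPathAnnotations {
		value, ok := annotations[key]
		if !ok {
			continue
		}
		dest, err := SafeCachePath(cacheDir, value)
		if err != nil {
			return nil, fmt.Errorf("%s=%q: %w", key, value, err)
		}
		resolved[key] = dest
	}
	return resolved, nil
}

func main() {
	cache := "/tmp/compose-cache/abc123" // constructed sample cache directory

	// Constructed sample of a benign layer and of one whose envfile
	// annotation tries to climb out of the cache.
	layers := []map[string]string{
		{"com.docker.compose.file": "compose.yaml", "com.docker.compose.envfile": "config/.env"},
		{"com.docker.compose.file": "compose.yaml", "com.docker.compose.envfile": "../../../outside.env"},
	}
	for i, ann := range layers {
		dest, err := ResolveLayerAnnotations(cache, ann)
		if err != nil {
			fmt.Printf("layer %d rejected: %v\n", i, err)
			continue
		}
		fmt.Printf("layer %d accepted: %v\n", i, dest)
	}
}
```

The design point is that the check runs on the final joined and cleaned path rather than on the raw annotation string, so encodings of traversal that only appear after cleaning (for example `sub/../../x`) are caught as well, and a layer with any rejected annotation produces no write at all.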
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

Weaknesses

security-advisories@github.com
CWE-22

Social media

Hype score
Not currently trending
  1. CVE-2025-62725 : From “docker compose ps” to System Compromise https://t.co/jb19n1bKo2 https://t.co/AIcpTXkqhg

    @freedomhack101

    3 Nov 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2025-62725: Docker Compose flaw lets docker compose ps lead to system compromise. Patch now → https://t.co/eLLuwqN1w4 #Security #Docker

    @ipolyzos

    1 Nov 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-62725: From “docker compose ps” to System Compromise | Imperva - https://t.co/xgmIFoJELa

    @piedpiper1616

    31 Oct 2025

    956 Impressions

    4 Retweets

    16 Likes

    9 Bookmarks

    0 Replies

    0 Quotes

  4. Docker Compose vulnerability CVE-2025-62725: details of, and countermeasures for, the path traversal attack from remote OCI files https://t.co/N7x82kgNkx #Qiita via @___nix___

    @yousukezan

    30 Oct 2025

    1787 Impressions

    3 Retweets

    17 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-62725: From #docker compose ps” to #System_Compromise https://t.co/aBaDyuYCQq https://t.co/NPNEJucRMQ

    @omvapt

    29 Oct 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. A new vulnerability with identifier CVE-2025-62725, of the path traversal type, has been published for the Docker Compose product. This vulnerability results in file creation on the Host system. To secure

    @EthicalSafe

    29 Oct 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. this week in containers can't contain we see CVE-2025-62725 hitting an 8.9 - be careful running all those compose files on github - even read-only cmds like ps allow escape https://t.co/S9IOZLQijW

    @nanovms

    29 Oct 2025

    218 Impressions

    1 Retweet

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  8. Docker Compose Flaw Allows Arbitrary File Overwrites A path traversal flaw in Docker Compose (CVE-2025-62725) allows attackers to write arbitrary files to host systems via crafted OCI artifacts. Discovered in October 2025, it has a high severity CVSS score of 8.9. This https://t

    @Secwiserapp

    29 Oct 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CRITICAL: Docker Flaw (CVE-2025-62725) Allows Full Server Hijack. Why Your CI/CD Pipeline is Broken. Read the full report on - https://t.co/hBTY1bYd77 https://t.co/CtcLsLxw8n

    @cyberbivash

    29 Oct 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. A serious path traversal vulnerability (CVE-2025-62725, CVSS 8.9) has been discovered in Docker Compose. An attacker can use malicious annotations inside an OCI Compose artifact to escape Compose's cache area and overwrite arbitrary files

    @yousukezan

    29 Oct 2025

    37128 Impressions

    86 Retweets

    279 Likes

    140 Bookmarks

    0 Replies

    5 Quotes

  11. This was a fun one! Docker just patched a high-severity vulnerability I found in Docker Compose (CVE-2025-62725, rated CVSS 8.9). I discovered that including an OCI include statement in a Docker Compose YAML file could lead to an arbitrary file write on the host at OCI

    @RonMasas

    28 Oct 2025

    16600 Impressions

    44 Retweets

    153 Likes

    74 Bookmarks

    1 Reply

    3 Quotes

  12. [CVE-2025-62725: HIGH] Docker Compose vulnerability leads to potential file overwrite attacks. Update to v2.40.2 to secure systems using Docker Desktop, standalone Compose binaries, or cloud dev environments.#cve,CVE-2025-62725,#cybersecurity https://t.co/OI7GXa5MKx https://t.co/

    @CveFindCom

    27 Oct 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes