Docker Compose vulnerability opens door to host-level writes • The Register

10/30/2025


Docker Compose users are being strongly urged to upgrade their versions of the orchestration tool after a researcher uncovered a flaw that could allow attackers to stage path traversal attacks.

NIST has dubbed the Compose vulnerability CVE-2025-62725 and given it an 8.9 severity rating.

The bug was uncovered by Imperva’s Ron Masas in early October. As Masas writes, Compose is a “friendly layer above Docker Engine that turns a few YAML lines into a running application.” Unsurprisingly then, it powers millions of workflows, “from CI/CD runners and local development stacks to cloud workspaces and enterprise build pipelines.”

He uncovered the high-severity path traversal vulnerability while exploring the tool’s recently added support for OCI-based Compose artifacts. “The flaw allowed attackers to escape Compose’s cache directory and write arbitrary files on the host system, simply by tricking a user into referencing a malicious remote artifact.”

“When Compose processed OCI layers it trusted the layer annotations that tell it where to write files,” he said. So an attacker could craft an annotation, and Compose “performed a literal join between its local cache directory and that annotation… No normalization, no canonicalization, no checks that the resulting path stayed inside the cache.”

That in turn would allow the crafted annotation to traverse out of the cache directory, “and cause Compose to write files anywhere the Compose process had permission to write.”
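To make the mechanism concrete, here is an added Go example (not Compose's own code, and not the actual patch) contrasting the pattern the article describes, a literal join of cache directory and annotation with no containment check, against a hardened version that normalises the candidate path and rejects anything that resolves outside the cache root. The cache directory, the annotation values and the function names are all constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideCache is returned when an annotation would resolve outside the cache root.
var ErrOutsideCache = errors.New("layer path escapes cache directory")

// naiveLayerPath mirrors the pattern described in the article: the cache
// directory and the attacker-controlled annotation are joined literally.
// Nothing normalises the result or checks that it stays inside cacheDir,
// so "../" segments in the annotation walk out of the cache.
// (Hypothetical illustration of the bug class, not Compose's real code.)
func naiveLayerPath(cacheDir, annotation string) string {
	return cacheDir + string(filepath.Separator) + annotation
}

// safeLayerPath is the hardened form: it refuses absolute annotations,
// cleans the joined path (collapsing "." and ".." segments), and then
// verifies lexically that the result is still beneath the cache root.
func safeLayerPath(cacheDir, annotation string) (string, error) {
	root := filepath.Clean(cacheDir)
	if filepath.IsAbs(annotation) {
		return "", ErrOutsideCache
	}
	// filepath.Join calls Clean, so "layers/../../x" becomes root's parent + "/x".
	target := filepath.Join(root, annotation)
	// Rel expresses target relative to root; an escape shows up as a
	// leading ".." component (either exactly ".." or "../...").
	rel, err := filepath.Rel(root, target)
	if err != nil {
		return "", ErrOutsideCache
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideCache
	}
	return target, nil
}

func main() {
	// Constructed sample values: a cache root and two annotations, one
	// benign and one that attempts to traverse out of the cache.
	cache := "/var/cache/compose"
	for _, ann := range []string{
		"layers/sha256/abc/compose.yaml",
		"../../../tmp/evil",
	} {
		naive := naiveLayerPath(cache, ann)
		fmt.Printf("naive: %s (resolves to %s)\n", naive, filepath.Clean(naive))
		if p, err := safeLayerPath(cache, ann); err != nil {
			fmt.Printf("safe:  rejected %q: %v\n", ann, err)
		} else {
			fmt.Printf("safe:  %s\n", p)
		}
	}
}
```

Note the check is on the prefix `"../"` rather than a bare `".."`, so a legitimate name such as `..hidden/file` is not rejected. This is a lexical check only: if the cache directory can contain symlinks placed by an untrusted party, resolve the parent with `filepath.EvalSymlinks` before comparing, or write through a directory handle that cannot follow links out of the root.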

While Docker Compose’s OCI artifact feature aims to streamline configuration sharing, this incident illustrates how automatic file reconstruction from unverified sources can obscure important security boundaries.

Masas said the Docker team’s quick response and fix ensured users remain protected, but the incident drove home the point to “sanitize every path, even when ‘it’s just YAML.’” Imperva recommends that users upgrade to v2.40.2.

In other news, Docker has fixed a flaw in its Windows installer that left it vulnerable to DLL hijacking. The Desktop Installer.exe flaw was dubbed EUVD-2025-36191 by ENISA earlier this week, with an 8.8 rating.

ENISA said the flaw means Desktop Installer.exe “is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user’s Downloads folder before checking system directories.”

Because the installer runs with elevated privileges, this weakness allowed an attacker to gain higher-level access to the system by planting a malicious DLL with the expected name in the user’s Downloads folder, where the installer looked first.

Docker plugged the gap in Desktop 4.49.0, released last week, meaning users should upgrade if they haven’t already. Release notes for the latest version also warned that the next release onward will require at least Windows 10 22H2 or Windows 11 23H2.

This is the second month on the trot Docker has had to plug a high-severity flaw in Desktop, while in August, it had to plug a critical flaw. However, many vendors or projects happily clock up tens, hundreds, or even thousands of flaws a year. OWASP’s first rule for Docker security is “Keep Host and Docker up to date.” ®
