CVE-2025-62725

CVE-2025-62725 affects Docker Compose when resolving remote OCI artifacts. The vulnerability arises from path handling of annotations in OCI layers (com.docker.compose.file and com.docker.compose.envfile), where Docker Compose joins attacker-controlled paths with its local cache directory without...

CVE-2025-62725

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVE-2025-62725 Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

EUVD-2025-36357

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations...

GHSA-GV8H-7V7W-R22Q Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

PT-2025-44043

Name of the Vulnerable Software and Affected Versions Docker Compose versions prior to 2.40.2 Description Docker Compose is affected by a path traversal flaw stemming from improper restriction of path names to accessible directories. This issue allows a remote attacker to overwrite arbitrary file...

Docker Compose 路径遍历漏洞

Docker Compose is a Docker open source for defining and running multi-container applications using Docker. A path traversal vulnerability exists in Docker Compose that stems from trusting path information in a remote OCI compose artifact, which could lead an attacker to escape the cache directory...

EUVD-2018-19741

Malware in sbrugna...

EUVD-2021-1162

Malware in sbrugna...

Exploit for CVE-2025-8625

CVE-2025-8625 — PoC Обзор В репозитории храняться исходные...

EUVD-2025-3143

Malicious code in bioql PyPI...

EUVD-2023-38103

Malicious code in bioql PyPI...

EUVD-2023-40746

Malicious code in bioql PyPI...

EUVD-2023-41184

Malicious code in bioql PyPI...

EUVD-2025-25911

Malicious code in bioql PyPI...

EUVD-2025-25214

Malicious code in bioql PyPI...

metasploit-framework

This repository is an offensive tool for Metasploit Framework. It is a collection of files and workflows used to build and test the Metasploit Framework, a penetration testing tool. The repository contains various templates for reporting issues, suggesting new features, and submitting pull...

vulhub

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The repository contains a collection of vulnerable applications and services, along with their corresponding Dockerfiles and configuration files. The vulnerable environments are designed to help...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This repository is a collection of proof-of-concept PoC exploits from Datadog Security Labs. The exploits are designed to demonstrate vulnerabilities in various software products, including Confluence, OpenSSL, and Spring. The repository contains code and instructions for running the exploits, as...