惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
F
Fortinet All Blogs
博客园 - 聂微东
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Hugging Face - Blog
Hugging Face - Blog
V
Visual Studio Blog
小众软件
小众软件
有赞技术团队
有赞技术团队
雷峰网
雷峰网
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
AWS News Blog
AWS News Blog
C
Cisco Blogs
美团技术团队
T
Threat Research - Cisco Blogs
C
CERT Recently Published Vulnerability Notes
人人都是产品经理
人人都是产品经理
宝玉的分享
宝玉的分享
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
酷 壳 – CoolShell
酷 壳 – CoolShell
Stack Overflow Blog
Stack Overflow Blog
W
WeLiveSecurity
D
DataBreaches.Net
博客园 - 司徒正美
Blog — PlanetScale
Blog — PlanetScale
IT之家
IT之家
云风的 BLOG
云风的 BLOG
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
T
The Blog of Author Tim Ferriss
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Cloudflare Blog
Vercel News
Vercel News
月光博客
月光博客
T
Tailwind CSS Blog
H
Help Net Security
aimingoo的专栏
aimingoo的专栏
P
Proofpoint News Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Spread Privacy
Spread Privacy
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
Microsoft Security Blog
Microsoft Security Blog
V
V2EX
WordPress大学
WordPress大学
Cyberwarzone
Cyberwarzone
Recent Announcements
Recent Announcements

The Register - Security: Patches

Cisco SD-WAN make-me-root bug under attack Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9 AI is making Patch Tuesday (kinda) fun again Anthropic to release Mythos-class models to the public Clear your calendar, Drupal user: You have a critically urgent patch to install Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs Critical cPanel, WHM flaw probs exploited as 0-day, pros say Microsoft patch fell short. New Windows flaw exploited More Cisco SD-WAN bugs battered in attacks Critical Fortinet sandbox bugs allow auth bypass and RCE Ancient Excel bug comes out of retirement for active attacks Microsoft's massive Patch Tuesday: It's raining bugs Ransomware scum, other crims exploit 4 old Microsoft bugs Attackers exploited the FortiClient EMS bug as a 0-day Citrix NetScaler bug may be multiple flaws in one Ransomware crims abused Cisco 0-day weeks before disclosure Google rushes Chrome update to fix zero-days under attack CISA warns max-severity n8n bug is being exploited in the wild Cisco warns of two more SD-WAN bugs under active attack LexisNexis Legal & Professional confirms data breach Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover Patch these 4 critical, make-me-root SolarWinds bugs ASAP Attacker gets into France's DB listing all bank accounts CISA gives feds 3 days to patch actively exploited Dell bug CISA gives feds 3 days to patch actively exploited Dell bug Google fixes exploited Chrome CSS zero-day Critical Microsoft bug from 2024 under exploitation Apple patches decade-old iOS zero-day exploited in the wild Microsoft's Valentine's gift to admins: 6 zero-day fixes Microsoft's Valentine's gift to admins: 6 zero-day fixes Critical SolarWinds Web Help Desk bug under attack Critical React Native Metro dev server bug under attack Critical React Native Metro dev server bug under attack OpenClaw patches one-click RCE as security Whac-A-Mole continues Ivanti's January bad luck continues as 0-days hit customers Critical VMware vCenter Server bug under attack Critical VMware vCenter Server bug under attack FortiGate SSO bug still exploitable despite December patch Ancient telnet bug happily hands out root to attackers Cisco plugs up Unified Comms zero-day under active exploit Cloudflare whacks WAF bypass bug that opened side door Cloudflare whacks WAF bypass bug that opened side door Anthropic quietly fixed flaws in its Git MCP server Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch Patch Tuesday update makes Windows PCs refuse to shut down Cisco finally fixes max-severity bug under active attack for weeks Cisco finally fixes max-severity bug under attack for weeks Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm Python libraries in AI/ML models can be poisoned w metadata Python libraries in AI/ML models can be poisoned w metadata Ruh-roh, there's a Cisco ISE bug POC on the loose Ruh-roh, there's a Cisco ISE bug POC on the loose CISA flags exploited Office relic alongside fresh HPE flaw Critical n8n bug allows unauthenticated server takeover Logitech mouse mayhem traced to expired dev certificate 'Heartbleed of MongoDB' under active exploit Microsoft fixes Message Queuing issue in new update Microsoft fixes Message Queuing issue in new update Critical-rated WatchGuard Firebox flaw under active attack HPE OneView RCE bug scores a perfect 10 Apple, Google forced to issue emergency 0-day patches Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit Microsoft RasMan 0-day gets an unofficial patch and exploit New React vulns leak secrets, invite DoS attacks Google fixes super-secret 8th Chrome 0-day Microsoft fixes Windows shortcut flaw exploited for years Microsoft fixes Windows shortcut flaw exploited for years Two Android 0-day bugs patched, plus 105 more fixes Fortinet finally cops to critical bug under active exploit Cisco warns of 'new attack variant' battering firewalls Microsoft issues out-of-band patch for critical WSUS flaw Vulnerable Rust crate exposes uv Python packager Oracle rushes out another emergency E-Business Suite patch 50K Cisco firewalls remain vulnerable to advanced attacks Exploits using GoAnywhere perfect-10 bug confirmed Critical Cisco firewall holes under active attack SonicWall releases rootkit-busting firmware update SolarWinds patches critical RCE - for the third time Fortra discloses 10/10 severity bug in GoAnywhere MFT OpenAI plugs ShadowLeak bug in ChatGPT Google pushes emergency patch for Chrome 0-day Apple backports patch to older kit after 0-day exploitation
Docker Compose vulnerability opens door to host-level writes
Joe Fay Joe Fay · 2025-10-31 · via The Register - Security: Patches

Patches

Windows Desktop installer also fixed after DLL hijack flaw rated 8.8 severity

Docker Compose users are being strongly urged to upgrade their versions of the orchestration tool after a researcher uncovered a flaw that could allow attackers to stage path traversal attacks.

NIST has dubbed the Compose vulnerability CVE-2025-62725 and given it a 8.9 severity rating.

The bug was uncovered by Imperva's Ron Masas in early October. As Masas writes, Compose is a "friendly layer above Docker Engine that turns a few YAML lines into a running application." Unsurprisingly then, it powers millions of workflows, "from CI/CD runners and local development stacks to cloud workspaces and enterprise build pipelines."

He uncovered the high-severity path traversal vulnerability while exploring the tool's recently added support for OCI-based Compose artifacts. "The flaw allowed attackers to escape Compose's cache directory and write arbitrary files on the host system, simply by tricking a user into referencing a malicious remote artifact."

"When Compose processed OCI layers it trusted the layer annotations that tell it where to write files," he said. So an attacker could craft an annotation, and Compose "performed a literal join between its local cache directory and that annotation… No normalization, no canonicalization, no checks that the resulting path stayed inside the cache."

That in turn would allow the crafted annotation to traverse out of the cache directory, "and cause Compose to write files anywhere the Compose process had permission to write."

While Docker Compose's OCI artifact feature aims to streamline configuration sharing, this incident illustrates how automatic file reconstruction from unverified sources can obscure important security boundaries.

Masas said the Docker team's quick response and fix ensured users remain protected, but the incident drove home the point to "sanitize every path, even when 'it's just YAML.'" In the meantime, Imperva recommended users upgrade to v2.40.2.

In other news, Docker has fixed a flaw in its Windows Installer that left it vulnerable to DLL injection. The Desktop Installer.exe flaw was dubbed EUVD-2025-36191 by ENISA earlier this week, with a 8.8 rating.

ENISA said the flaw means Desktop Installer.exe "is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories."

This weakness allowed attackers to gain higher-level access to the system by placing malicious DLL files in specific locations.

Docker plugged the gap in Desktop 4.49.0, released last week, meaning users should upgrade if they haven't already. Release notes for the latest version also warned that the next release onward will require at least Windows 10 22H2 or Windows 11 23H2.

This is the second month on the trot Docker has had to plug a high-severity flaw in Desktop, while in August, it had to plug a critical flaw. However, many vendors or projects happily clock up tens, hundreds, or even thousands of flaws a year. OWASP's first rule for Docker security is "Keep Host and Docker up to date." ®