Docker Compose Path Traversal Vulnerability via OCI Artifact Layer Annotations

Vulnerability

A path traversal vulnerability has been identified in Docker Compose versions prior to 2.40.2. The issue arises because Docker Compose trusts path information carried in remote OCI compose artifacts. When a layer carries certain annotations, Compose concatenates the attacker-supplied annotation values with its local cache directory without checking where the resulting path lands, so a crafted value can escape the cache directory and overwrite arbitrary files on the host machine. The vulnerability is reachable even through read-only commands such as 'docker compose config' or 'docker compose ps', because those commands still fetch and unpack the remote artifact.

Impact

Exploitation of this vulnerability allows for arbitrary file overwriting on the machine running Docker Compose, which could lead to significant disruption or unauthorized changes to the system.

Reproduction

The vulnerability can be reproduced by creating an OCI compose artifact whose layers include the 'com.docker.compose.extends' or 'com.docker.compose.envfile' annotations. When Docker Compose processes such an artifact, it joins the annotation values onto the local cache directory path. If the annotation values contain path traversal sequences, the resulting path escapes the cache directory and the layer content is written over files on the host system.
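The following Go program is an added illustration, not code from Docker Compose or from this advisory. It places the unsafe pattern the advisory describes (joining an annotation value onto the cache directory and trusting the result) beside a guarded join that rejects absolute values and any value whose cleaned path resolves outside the cache directory. The cache location, the Layer type and the sample annotation values are constructed for the example; SafeJoin and ResolveLayerPaths are hypothetical helpers and make no claim about how the 2.40.2 fix is implemented.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// Annotation keys named in the advisory.
const (
	AnnotationExtends = "com.docker.compose.extends"
	AnnotationEnvfile = "com.docker.compose.envfile"
)

// ErrPathEscape is returned when an annotation value would resolve outside the cache directory.
var ErrPathEscape = errors.New("annotation value escapes the compose cache directory")

// NaiveJoin mirrors the unsafe pattern the advisory describes: the annotation value is
// concatenated with the cache directory and the result is used without any check.
func NaiveJoin(cacheDir, value string) string {
	return filepath.Join(cacheDir, value)
}

// SafeJoin is a hypothetical guarded replacement (not Compose's own code). It rejects
// absolute values and any value whose cleaned result lies outside cacheDir.
func SafeJoin(cacheDir, value string) (string, error) {
	if filepath.IsAbs(value) {
		return "", ErrPathEscape
	}
	base := filepath.Clean(cacheDir)
	target := filepath.Join(base, value) // Join also collapses ".." segments
	rel, err := filepath.Rel(base, target)
	if err != nil {
		return "", err
	}
	// Relative to base, anything outside it starts with ".." (exactly ".." or "../...").
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrPathEscape
	}
	return target, nil
}

// Layer stands in for an OCI layer descriptor; only its annotations matter here.
type Layer struct {
	Annotations map[string]string
}

// ResolveLayerPaths validates every path-bearing annotation on every layer before
// any file would be written, returning the local path per annotation key or the first error.
func ResolveLayerPaths(cacheDir string, layers []Layer) (map[string]string, error) {
	resolved := make(map[string]string)
	for i, l := range layers {
		for _, key := range []string{AnnotationExtends, AnnotationEnvfile} {
			v, ok := l.Annotations[key]
			if !ok {
				continue
			}
			p, err := SafeJoin(cacheDir, v)
			if err != nil {
				return nil, fmt.Errorf("layer %d, %s=%q: %w", i, key, v, err)
			}
			resolved[key] = p
		}
	}
	return resolved, nil
}

func main() {
	cacheDir := "/tmp/compose-cache" // constructed sample cache location

	// Constructed sample layers: one benign, one carrying a traversal sequence.
	benign := Layer{Annotations: map[string]string{AnnotationEnvfile: "app/.env"}}
	traversal := Layer{Annotations: map[string]string{AnnotationExtends: "../../../etc/overwritten.yml"}}

	// The unguarded join lands outside the cache directory.
	fmt.Println("naive :", NaiveJoin(cacheDir, traversal.Annotations[AnnotationExtends]))

	// The guarded resolver accepts the benign layer and rejects the traversal.
	for _, layers := range [][]Layer{{benign}, {traversal}} {
		paths, err := ResolveLayerPaths(cacheDir, layers)
		if err != nil {
			fmt.Println("reject:", err)
			continue
		}
		fmt.Println("accept:", paths)
	}
}
```

The check relies on filepath.Rel after cleaning rather than on a string-prefix comparison of the raw value, so values such as "../compose-cache/x" that traverse upward but land back inside the cache are accepted, while any value that resolves to a parent or sibling directory is refused before a file is touched.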

Remediation

Upgrade to Docker Compose version 2.40.2 or later to address this vulnerability.

Added: Oct 27, 2025, 9:19 PM
Updated: Oct 27, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.0
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.