#docker-compose

[ follow ]
#cve-2025-62725 #docker-composeyml #multi-container #services #path-traversal #oci-artifacts #dll-hijacking
DevOps
fromMedium
3 weeks ago

Docker Compose: Step-by-Step Tutorial for Beginners

Docker Compose defines and runs multi-container Docker applications using a single declarative docker-compose.yml file to manage services, networks, and volumes with one command.
Information security
fromTheregister
1 month ago

Docker Compose vulnerability opens door to host-level writes

Docker Compose's OCI artifact handling had a path traversal vulnerability (CVE-2025-62725) allowing arbitrary host file writes; upgrade to Compose v2.40.
fromTechzine Global
1 month ago

Docker fixes serious vulnerabilities in Compose and Desktop Installer

The bug in Docker Compose was found in October by security researcher Ron Masas of Imperva. Compose is a tool that converts YAML configurations into running container environments and is an important part of countless development and CI/CD processes. Masas discovered that the recent support for OCI-based Compose artifacts did not perform sufficient checks on file locations. When processing these artifacts, Compose relied entirely on the instructions in the so-called layer annotations, which specify where files should be placed.
Information security
DevOps
fromfaun.pub
2 months ago

Deploying a Complete RAG Ecosystem with a Single Command: My Ultimate Docker Stack

A single Docker Compose stack provides a ready-to-run local RAG environment combining Ollama, Qdrant, MongoDB, Redis, Neo4j, Keycloak, Mongo Express, and n8n.
Web development
fromInfoQ
4 months ago

Docker Expands Compose for Agent Development and Ties in Cloud Offload Support

Docker launched a feature enabling the definition, building, and running of agents with Docker Compose to enhance development efficiency.
[ Load more ]