{"ecosystem":"go","package":"github.com/docker/compose","version":null,"bugs":[{"id":1044,"ecosystem":"go","package_name":"github.com/docker/compose","affected_version":null,"fixed_version":"29.2.0+incompatible","bug_id":"osv:GO-2026-4610","title":"Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli","description":"Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli","severity":"medium","status":"fixed","source":"osv","source_url":"https://github.com/docker/cli/security/advisories/GHSA-p436-gjf2-799p","labels":["BIT-docker-cli-2025-15558","CVE-2025-15558","GHSA-p436-gjf2-799p"],"created_at":"2026-04-19 04:32:31.072784+00:00","updated_at":"2026-04-19 04:32:31.072784+00:00"},{"id":1043,"ecosystem":"go","package_name":"github.com/docker/compose","affected_version":null,"fixed_version":"2.40.2","bug_id":"osv:GO-2025-4077","title":"Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations in github.com/docker/compose","description":"Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations in github.com/docker/compose","severity":"medium","status":"fixed","source":"osv","source_url":"https://github.com/docker/compose/security/advisories/GHSA-gv8h-7v7w-r22q","labels":["CVE-2025-62725","GHSA-gv8h-7v7w-r22q"],"created_at":"2026-04-19 04:32:31.071852+00:00","updated_at":"2026-04-19 04:32:31.071852+00:00"}],"total":2,"_cache":"hit"}