On November 24, 2025, Docker Hardened Images resolved CVE-2025-12735 in the Kibana project, which is the visualization and user interface layer for Elasticsearch. This CVE is a critical remote code execution vulnerability that scored 9.8 on the CVSS scale. While images from other hardened image vendors were still carrying the vulnerability, Docker’s security team and tooling not only patched the CVE for Docker Hardened Images users, but also submitted the fix to the upstream LangChain.js project. Once that pull request merges, every application that depends on LangChain.js will benefit from a more secure foundation across the entire ecosystem.
We always default to upstream patching when possible because it protects everyone who depends on these libraries – not just Docker users. Upstream patches require effort. You have to submit a PR and get it approved by the project. That can mean back and forth with maintainers. Security teams are under intense time pressures. But when we fix expr-eval for LangChain.js, we’re protecting not just Kibana users but every application that depends on that library. That’s over one million weekly downloads that become more secure.
Another Nested Dependency, Another Ticking Time Bomb
CVE-2025-12735 originated in expr-eval, a JavaScript expression parser and evaluator library. The vulnerability allowed attackers to inject crafted variables into evaluate(), enabling untrusted code paths to execute logic the application never intended. Three layers deep into the dependency chain, there was a critical RCE vulnerability in unmaintained code. In practice, this gave attackers a pathway to execute malicious behavior within affected applications. The library hadn’t been updated in years. LangChain.js depends on expr-eval, which means any application or service built with LangChain.js inherits the vulnerability. This includes AI assistants, workflow tools, and LLM-powered applications widely deployed across the industry. Kibana was affected by the same dependency chain.
This matters because LangChain.js has become a foundational component in modern application development. The library provides a framework for building applications powered by large language models, and it has been downloaded millions of times from npm. As of November 18, 2025, the npm package langchain (which includes LangChain.js) receives approximately 1,018,076 weekly downloads. Organizations use LangChain.js to build chatbots, document analysis systems, customer service platforms, and AI-powered search tools. When a vulnerability exists in LangChain.js or its dependencies, it potentially affects thousands of production applications across the technology industry.
This is exactly the attack surface that sophisticated adversaries target. The 2024 XZ Utils backdoor attempt demonstrated how attackers focus on dependencies precisely because they affect so many downstream projects. Old vulnerabilities remain a persistent challenge because organizations focus on direct dependencies while nested dependencies slip through the cracks.
Why We Must Fix at the Source, Fast
Many security and hardened image vendors scan for CVEs, flag them, and patch their own images. The vulnerability remains in the upstream project. The next build cycle reintroduces it. The problem persists for every other user of that dependency chain. This approach treats symptoms instead of causes. You patch your copy of Kibana. The next developer who builds from upstream gets the vulnerable version. Other container image providers may still ship the vulnerable dependency until their next update cycle. When the next CVE gets assigned to expr-eval, the cycle repeats.
Docker takes a different approach. When the Docker Security team identified CVE-2025-12735 in Kibana, we traced it back through the dependency chain to expr-eval. Rather than applying a surface-level patch, we replaced the unmaintained library with math-expression-evaluator, an actively maintained alternative that did not have the vulnerability. Then we contributed that fix upstream to LangChain.js: Pull Request #9391.
This approach delivers three outcomes:
Docker Hardened Images users got immediate protection. The updated Kibana image shipped without the vulnerable dependency. There was no waiting for upstream maintainers and no emergency patching required.
The entire LangChain.js ecosystem will benefit. Once the PR merged, every project using LangChain.js inherits the fix automatically. Web applications, data processing pipelines, AI tools, and analytics platforms all get safer because the fix lives where it belongs.
Future builds are secure by default. Docker doesn’t have to maintain downstream patches or worry about the vulnerability reappearing in the next release cycle. The fix lives in the upstream project where it belongs.
Docker Hardened Images responded faster than other vendors. We identified the root cause, selected a maintained replacement, verified it worked correctly, and contributed the fix back to the upstream project. This is possible because Docker’s security architecture is designed for a high-speed workflow without sacrificing thoroughness or attention to detail. (We are also, as a team, strongly committed to contributing back to open source!) Continuous dependency analysis through Docker Scout identifies issues the moment they’re disclosed. Deep supply chain visibility shows not just what packages are in an image but the entire dependency chain. Direct upstream engagement means we can contribute fixes rather than wait for maintainers to respond to bug reports.
What This Means for Your Organization
If you’re running Kibana in production, CVE-2025-12735 posed a critical risk. Organizations using Docker Hardened Images received immediate protection with secure, minimal, production-ready container images built from source and backed by a fast SLA that ensures rapid remediation.. The updated image shipped with expr-eval replaced by a maintained alternative. No emergency patching was required and there was no downtime. Organizations using other container distributions may still be exposed. Check your Kibana images for the vulnerable expr-eval dependency. If you’re running upstream Kibana, monitor for the LangChain.js update that incorporates Docker’s fix.
But the implications extend beyond this single CVE. The nested dependency problem affects every modern application. Your development teams probably don’t know what libraries are three or four levels deep in your dependency trees. Your security scanners might not catch them. Your vendors might not fix them upstream.
Helping Open Source Projects Helps Us All
The container ecosystem depends on thousands of open source projects. Most are maintained by small teams, often volunteers, who juggle security alongside feature development, bug fixes, and user support. When vulnerabilities emerge, maintainers may lack resources for immediate response.
Commercial vendors who benefit from open source have a responsibility to contribute back. When Docker Security fixes vulnerabilities upstream, open source maintainers get security support at no cost. The entire community benefits from hardened dependencies. Docker builds trust with the projects that power modern infrastructure. Future vulnerabilities become easier to address as relationships deepen. Together, we are more secure.
Docker is not the only company to push patches upstream, but it is a core part of our DNA. We don’t just protect our own customers but strengthen the entire ecosystem. Fixes go upstream so everyone benefits. The focus is on eliminating vulnerabilities at their source rather than playing endless rounds of patch-and-scan.
Modern supply chain attacks move faster than traditional security response times. Docker Hardened Images and Docker Scout are designed to match that speed while strengthening the entire ecosystem through upstream contributions. When vulnerabilities emerge, our customers get immediate protection. When our fixes go upstream, everyone gets safer.
Learn more about how Docker Hardened Images deliver security that protects your organization and strengthens the ecosystem.
Quelle: https://blog.docker.com/feed/
