# =============================================================================
# CVE-2026-22738 | GHSA-fvh3-672c-7p6c | CVSS 9.8 CRITICAL
# Affected: Spring AI SimpleVectorStore 1.0.0–1.0.4, 1.1.0-M1–1.1.3
# Fixed: Spring AI 1.0.5 / 1.1.4
# Attack Vector: Network / No Auth / No User Interaction
# Description: SpEL injection via user-controlled filter key name in
# SimpleVectorStore.similaritySearch() → unauthenticated RCE
# Fix Commit: ba9220b22383e430d5f801ce8e4fa01cf9e75f29
# =============================================================================
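services:
  vulnerable-app:
    # Name the container so the exploit script can docker-exec into it to verify
    container_name: cve-2026-22738-lab
    build:
      # Builds the vulnerable Spring Boot 3.4.3 + Spring AI 1.0.4 application
      # from source so the exact vulnerable version is pinned in pom.xml
      context: ./app
      dockerfile: Dockerfile
    ports:
      # Map host 8082 -> container 8080.
      # Using 8082 to avoid collisions with other local services on 8080/8081.
      # Published on loopback only: a bare "8082:8080" binds every host
      # interface, which would expose this intentionally vulnerable,
      # unauthenticated service to the whole network the host sits on.
      - "127.0.0.1:8082:8080"
    # unless-stopped also brings the container back whenever the Docker daemon
    # restarts, so the vulnerable service keeps running until it is stopped
    # explicitly. Run `docker compose down` when the lab session is over.
    restart: unless-stopped
    # Cap resources — the lab must not exhaust the Docker host.
    # NOTE(review): legacy docker-compose v1 applies deploy.* limits only with
    # --compatibility; confirm the caps are in effect with `docker stats`.
    deploy:
      resources:
        limits:
          cpus: "1.0"
          memory: 768M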