PyPI package
docling
pkg:pypi/docling
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-47214 | high | — | — | < 2.94.0 | 2.94.0 | Jun 3, 2026 | Impact: The HTML backend did not perform sufficient validation during resource handling: it accepted `file://` URIs, enabling local file system access when `enable_local_fetch=True`; path resolution allowed traversal outside intended directories via `../` sequences and absolute |
| CVE-2026-44022 | — | — | — | >= 2.73.0, < 2.91.0 | 2.91.0 | Jun 3, 2026 | Impact: The LaTeX backend's handling of the `\includegraphics`, `\input`, and `\include` commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences (e.g., `../../../etc/passwd`) to: read arbitrary files from the fil |
| CVE-2026-44020 | high | — | — | >= 2.13.0, < 2.74.0 | 2.74.0 | Jun 3, 2026 | Impact: The USPTO patent XML parser used the standard `xml.sax.parseString()` without protection against XML External Entity (XXE) attacks. An attacker could craft malicious USPTO patent XML files with external entity references that could: read arbitrary files from the serv |
| CVE-2026-44018 | — | — | — | >= 2.45.0, < 2.91.0 | 2.91.0 | Jun 3, 2026 | Impact: The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: XML External Entity (XXE) attacks to read local files or cause denial of service; decompression bombs (zip bombs) to exhaust memory and disk space; unboun |
| CVE-2026-44016 | high | — | — | >= 2.82.0, < 2.91.0 | 2.91.0 | Jun 3, 2026 | Impact: In versions `>= 2.82.0, < 2.91.0`, if the HTML backend was explicitly configured for rendering (the rendering option is deactivated by default), the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrus |
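The five advisories above describe four weakness classes in an input-parsing pipeline: XXE through `xml.sax`, path traversal in include targets, `file://` and other non-http(s) references reaching a fetcher, and decompression bombs. The checks below are an added, stand-alone example of how each is closed in Python; they are not docling's code and use no docling API. Every function, constant and option name (`UnsafeDocument`, `contain_path`, `allow_remote`, the size budgets) is an assumption, and the XML documents, zip archive and sandbox directory are constructed for the demonstration.

```python
"""Hardening checks of the kind the advisories above call for, added as a stand-alone
example: not docling's code, no docling API, every name an assumption, and the XML,
zip and directory samples constructed for the demonstration."""
import io
import os
import pathlib
import tempfile
import xml.sax
import xml.sax.handler
import zipfile
from urllib.parse import urlsplit

class UnsafeDocument(ValueError):
    """Raised when an input would escape what the converter intends to allow."""

class _ForbidDTD:
    """Lexical handler that aborts at any DOCTYPE: with no DTD there are no entity
    declarations, so neither external entities nor billion-laughs expansion can occur."""
    def startDTD(self, name, public_id, system_id):
        raise UnsafeDocument(f"DTD not allowed (root {name!r}, system id {system_id!r})")
    def _ignore(self, *args): pass
    endDTD = comment = startCDATA = endCDATA = _ignore

class _TextCollector(xml.sax.handler.ContentHandler):
    """Gathers character data; stands in for a real backend's content handler."""
    def __init__(self):
        super().__init__()
        self.chunks = []
    def characters(self, content):
        self.chunks.append(content)

def parse_xml_text(data: bytes) -> str:
    """xml.sax parse that refuses DTDs outright and, should one slip through, never
    fetches external general entities (unlike a bare xml.sax.parseString())."""
    parser = xml.sax.make_parser()
    parser.setFeature(xml.sax.handler.feature_external_ges, False)
    parser.setProperty(xml.sax.handler.property_lexical_handler, _ForbidDTD())
    collector = _TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(data))
    return "".join(collector.chunks)

def contain_path(root: pathlib.Path, requested: str) -> pathlib.Path:
    """Resolve an \\input/\\includegraphics/<img src> target against the document
    directory; refuse it if `..`, an absolute path or a symlink takes it outside
    (Path.is_relative_to needs Python 3.9+)."""
    root = root.resolve()
    target = (root / requested).resolve()  # pathlib drops root when `requested` is absolute
    if not target.is_relative_to(root):
        raise UnsafeDocument(f"{requested!r} resolves to {target}, outside {root}")
    return target

def classify_reference(ref: str, allow_remote: bool) -> tuple:
    """("local", ref) for a scheme-less relative reference (still subject to
    contain_path), ("remote", ref) for http(s) only when remote fetching was opted in;
    file:, data:, ftp: and protocol-relative //host references are refused."""
    parts = urlsplit(ref)
    if parts.scheme == "" and parts.netloc == "":
        return "local", ref
    if allow_remote and parts.scheme.lower() in {"http", "https"}:
        return "remote", ref
    raise UnsafeDocument(f"reference {ref!r}: scheme {parts.scheme!r} not allowed")

MAX_TOTAL_UNCOMPRESSED = 256 * 1024 * 1024  # assumed budget per archive
MAX_RATIO = 100                             # assumed ceiling on uncompressed:compressed

def check_archive(data: bytes) -> int:
    """Return a zip's declared uncompressed total, refusing a member whose ratio or a
    running total that exceeds the budget. Sizes come from the central directory, so
    the same limits must be enforced again on the bytes actually read out."""
    total = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.compress_size and info.file_size / info.compress_size > MAX_RATIO:
                raise UnsafeDocument(f"{info.filename}: ratio {info.file_size // info.compress_size}:1")
            total += info.file_size
            if total > MAX_TOTAL_UNCOMPRESSED:
                raise UnsafeDocument("archive exceeds the uncompressed size budget")
    return total

# Constructed samples, not taken from any real USPTO, METS, LaTeX or HTML input.
BENIGN_XML = b"<?xml version='1.0'?><patent><title>Widget</title></patent>"
XXE_XML = (b"<?xml version='1.0'?><!DOCTYPE p [<!ENTITY xxe SYSTEM 'file:///etc/passwd'>]>"
           b"<patent><title>&xxe;</title></patent>")

def build_zip(member_size: int) -> bytes:
    """One deflated member of `member_size` spaces: tiny on disk, huge inflated."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("mets.xml", b" " * member_size)
    return buf.getvalue()

def make_sandbox() -> pathlib.Path:
    """Temp document directory with one figure and a symlink that points out of it."""
    root = pathlib.Path(tempfile.mkdtemp(prefix="docsandbox-"))
    (root / "figs").mkdir()
    (root / "figs" / "fig1.png").write_bytes(b"\x89PNG")
    os.symlink(os.path.abspath(os.sep), root / "escape")
    return root
```

Two design points worth noting. Refusing any DOCTYPE is stricter than disabling external entities alone, but it is the only setting that also stops entity-expansion denial of service, and none of the document formats named above needs a DTD. The containment check deliberately works on the resolved path rather than on the string: a pattern ban on `../` would wrongly reject `figs/../figs/fig1.png` and would miss the symlink case that `make_sandbox` sets up, where a reference with no `..` at all still lands in `/etc`.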