python · docling-core · Critical
docling-core: SSRF via unsafe Content-Disposition resolution (>=1.5.0, <2.74.1)
What changed
docling-core versions >=1.5.0, <2.74.1 did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in an unsafe manner, enabling SSRF attacks targeting local files outside the user-defined cache directory.
Who it affects
Applications using docling-core >=1.5.0, <2.74.1 that accept untrusted URLs.
What to do today
Upgrade to docling-core >=2.74.1 immediately. If that is not possible, avoid passing untrusted URLs into the remote fetch functionality.
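The two controls this advisory's fix class relies on, restricting where a remote fetch may go and never letting a server-supplied Content-Disposition filename choose a location outside the cache directory, are shown below as an added example. It is not docling-core code and calls no docling-core API; the host table, addresses and headers are constructed so the demo runs offline, and the function names are the example's own.

```python
"""Defensive handling for a remote fetch whose response carries a
Content-Disposition filename: check the destination before the request,
and confine the resolved filename to the cache directory afterwards.
Added example; not docling-core code, no docling-core API used."""
import ipaddress
import os
import re
import socket
from email.message import Message
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}
# Characters kept in a cached filename; everything else becomes "_".
UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9._-]+")


def destination_allowed(url, resolver=socket.getaddrinfo):
    """True only for http(s) URLs whose host resolves exclusively to global
    addresses (no loopback, private, link-local or reserved ranges)."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.hostname:
        return False
    try:
        infos = resolver(parts.hostname, parts.port or 80, proto=socket.IPPROTO_TCP)
    except OSError:
        return False
    if not infos:
        return False
    return all(ipaddress.ip_address(info[4][0]).is_global for info in infos)


def filename_from_content_disposition(header):
    """Extract the filename parameter (RFC 2231 encodings included) with the
    standard library's header parser instead of ad-hoc string splitting."""
    if not header:
        return None
    msg = Message()
    msg["Content-Disposition"] = header
    return msg.get_filename()


def safe_cache_path(cache_dir, suggested, fallback="download"):
    """Reduce the suggested name to a sanitised basename, then prove the
    resolved path still lies inside cache_dir (symlinks followed)."""
    name = os.path.basename((suggested or "").replace("\\", "/"))
    name = UNSAFE_CHARS.sub("_", name).strip("._") or fallback
    root = os.path.realpath(cache_dir)
    candidate = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("resolved path escapes the cache directory")
    return candidate


def resolve_download(url, content_disposition, cache_dir, resolver=socket.getaddrinfo):
    """Gate a fetch on both controls and return where its body may be stored."""
    if not destination_allowed(url, resolver):
        raise ValueError(f"refusing to fetch {url!r}: destination not allowed")
    return safe_cache_path(cache_dir, filename_from_content_disposition(content_disposition))


# Constructed host table so the demo runs offline (hypothetical names;
# 93.184.216.34 is used only because it is a globally routable address).
_DEMO_HOSTS = {
    "files.example.org": "93.184.216.34",
    "localhost": "127.0.0.1",
    "metadata": "169.254.169.254",
}


def demo_resolver(host, port, **_):
    """Stand-in for socket.getaddrinfo returning the same tuple shape."""
    if host not in _DEMO_HOSTS:
        raise socket.gaierror("constructed resolver: unknown host")
    return [(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP, "",
             (_DEMO_HOSTS[host], port))]


if __name__ == "__main__":
    print(resolve_download("https://files.example.org/report.pdf",
                           'attachment; filename="../../etc/passwd"',
                           "cache", demo_resolver))
    for bad in ("http://localhost/x", "http://metadata/latest", "file:///etc/passwd"):
        print(bad, "->", destination_allowed(bad, demo_resolver))
```

The destination check resolves the hostname once and the HTTP client resolves it again, so a rebinding DNS server could still answer differently to each; pinning the connection to the checked address, or disabling redirects and re-checking every hop, closes that gap. The path check uses realpath on both sides so a symlink planted inside the cache directory cannot carry a write outside it.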