python · docling
Heads-up
docling LaTeX Backend Path Traversal Vulnerability Fixed in 2.91.0
The LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation, allowing path traversal attacks.
What changed
Before 2.91.0, the LaTeX backend resolved the file arguments of \includegraphics, \input, and \include without checking that the resolved path stayed inside the allowed base directory, so a crafted document could reference files outside it (path traversal). Version 2.91.0 adds strict path validation using Path.resolve().is_relative_to().
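The following is an added example, not docling's own code, showing the class of containment check the fix describes: each file argument of \includegraphics, \input and \include is resolved against the document's base directory with Path.resolve(), and accepted only if the result is_relative_to() that base. The regex, the function names and the sample document are constructed here and are assumptions, not docling's parser. The demo also plants a symlink pointing outside the base directory to show why resolve() (which follows links) is needed rather than a purely lexical check.

```python
r"""Containment check for file references in a LaTeX document.

Added example (not docling's code): it demonstrates the check the 2.91.0
fix describes, Path.resolve().is_relative_to(), applied to the arguments
of \includegraphics, \input and \include.  The regex, the function names
and the sample document below are assumptions made for this example.
"""
import os
import re
import tempfile
from pathlib import Path

# Matches \includegraphics[opts]{arg}, \input{arg} and \include{arg}.
# Constructed for this example; it is not docling's LaTeX parser.
FILE_REF_RE = re.compile(
    r"\\(includegraphics|input|include)(?:\[[^\]]*\])?\{([^}]*)\}"
)

# Constructed sample document: one benign reference per command plus two
# references that leave the document directory (relative and absolute).
SAMPLE_TEX = r"""
\documentclass{article}
\begin{document}
\includegraphics[width=\textwidth]{figures/plot.png}
\input{chapters/intro}
\include{../../outside_the_document_dir}
\input{/not/under/base/other.tex}
\end{document}
"""


def resolve_contained(base_dir, ref):
    """Resolve `ref` against `base_dir`; return the resolved Path only if it
    stays inside base_dir, otherwise None.

    Both sides go through resolve() so that '..' segments and symlinks are
    collapsed before the comparison; a string-prefix check on the unresolved
    path would miss a symlink that points outside the base.  An absolute
    `ref` replaces the base on join and is rejected by the same comparison.
    """
    base = Path(base_dir).resolve()
    candidate = (base / ref).resolve()
    return candidate if candidate.is_relative_to(base) else None


def scan_document(tex, base_dir):
    """Return [(command, ref, allowed)] for every file reference in `tex`."""
    results = []
    for m in FILE_REF_RE.finditer(tex):
        command, ref = m.group(1), m.group(2).strip()
        allowed = resolve_contained(base_dir, ref) is not None
        results.append((command, ref, allowed))
    return results


def demo():
    """Run the scan in a throw-away directory and also plant a symlink that
    points outside it.  Returns (scan results, symlink_rejected), where
    symlink_rejected is None if the platform refused to create the link."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "doc"
        (base / "figures").mkdir(parents=True)
        (base / "figures" / "plot.png").write_bytes(b"")
        results = scan_document(SAMPLE_TEX, base)
        symlink_rejected = None
        try:
            # base/escape -> the directory above tmp, i.e. outside base
            os.symlink(Path(tmp).parent, base / "escape")
            symlink_rejected = resolve_contained(base, "escape/anything.tex") is None
        except OSError:
            pass
    return results, symlink_rejected


if __name__ == "__main__":
    for command, ref, allowed in demo()[0]:
        print(f"\\{command}{{{ref}}}: {'allowed' if allowed else 'rejected'}")
```

Running the module prints one line per reference; the two in-directory references are allowed and the `../../` and absolute ones are rejected, as is the path that goes through the planted symlink. Path.is_relative_to() requires Python 3.9 or later.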
Who it affects
Users of docling who process untrusted LaTeX documents with a version prior to 2.91.0.
What to do today
Upgrade to version 2.91.0 or later, or sandbox the processing environment if upgrade is not immediately possible.