External Control of File Name or Path

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to External Control of File Name or Path in backend/htmlbackend.py‎, which ...

PT-2023-22267 · Red Bull · Laola.Redbull

Name of the Vulnerable Software and Affected Versions: laola.redbull application through 5.1.9-R for Android Description: The laola.redbull application exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI...