Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/03 9:13 p.m.11 views

XML External Entity Injection

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to XML External Entity Injection in the METS-GBS backend's XML parsing and...

7.1CVSS5.5AI score0.00113EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/03 9:9 p.m.11 views

Server-side Request Forgery (SSRF)

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the HTML rendering process when the...

8.2CVSS5.8AI score0.00384EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/03 8:2 p.m.11 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip in easyocrmodel.py...

8.3CVSS6.1AI score0.00478EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 5:19 p.m.10 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity...

8.7CVSS5.8AI score0.00278EPSS
Exploits0References2
Rows per page
Query Builder