PYSEC-2026-2145

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/docling/PYSEC-2026-2145.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-2145
Aliases
Published
2026-06-24T18:17:17.593Z
Modified
2026-07-13T07:15:23.386348689Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences to read arbitrary files from the file system accessible to the process, include sensitive files in the converted document output, or potentially access configuration files, credentials, or other sensitive data This vulnerability is fixed in 2.91.0.

References

Affected packages

PyPI / docling

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.73.0
Fixed
2.91.0

Affected versions

2.*
2.73.0
2.73.1
2.74.0
2.75.0
2.76.0
2.77.0
2.78.0
2.79.0
2.80.0
2.81.0
2.82.0
2.83.0
2.84.0
2.85.0
2.86.0
2.87.0
2.88.0
2.89.0
2.90.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/docling/PYSEC-2026-2145.yaml"