Docling Core: Insufficient validation of image reference URIs
Impact
In versions>= 2.5.0, < 2.74.1, docling-core could allow local file:// image references and accepted inline data: content without a decoded-size limit.In applications that accept untrusted image references, this may allow access to local files readable by the process or excessive memory use from large inline payloads.
Patches
Patched indocling-core 2.74.1.
The fix blocks local file URIs by default and adds a size limit for decoded inline image data.Users should upgrade to:
docling-core>= 2.74.1
Workarounds
If upgrading is not immediately possible:- reject
file:anddata:image references from untrusted input - allow only approved local or remote image sources
- apply input size and memory limits to processing workers
References
- Fix release:
v2.74.1