
PEACH
Uma estrutura de isolamento de inquilino
CVE-2026-44018 is a moderate-severity vulnerability in the Docling Python library's METS-GBS backend that enables XML External Entity (XXE) attacks, decompression bomb (zip bomb) attacks, and unbounded archive extraction. It affects docling (pip) versions >= 2.45.0 and < 2.91.0. The advisory was published on June 2, 2026, by dolfim-ibm and added to the GitHub Advisory Database on June 3, 2026. It carries a CVSS v3.1 base score of 5.5 (Medium) (GitHub Advisory).
The vulnerability stems from three distinct weaknesses in Docling's METS-GBS backend: CWE-611 (Improper Restriction of XML External Entity Reference), CWE-409 (Improper Handling of Highly Compressed Data), and CWE-776 (Improper Restriction of Recursive Entity References in DTDs). The XML parser lacked hardened settings — specifically, it did not disable entity resolution, DTD loading, or network access — allowing an attacker to embed malicious external entity references in METS-GBS XML to read local files or trigger denial of service. Separately, the archive extraction logic imposed no size or member-count limits, enabling decompression bombs and unbounded resource consumption. Exploitation requires a user to open or process a maliciously crafted METS-GBS archive, making user interaction a prerequisite (GitHub Advisory, Docling Security Advisory).
Successful exploitation can result in high availability impact through memory and disk exhaustion caused by decompression bombs or unbounded archive extraction, potentially crashing the application or the host system. XXE attacks additionally expose sensitive local files readable by the process, posing a confidentiality risk not fully reflected in the CVSS score (which scores confidentiality as None under the local-attack-vector scenario). Systems that automatically process user-supplied METS-GBS archives — such as document ingestion pipelines — are at greatest risk of resource exhaustion and data exposure (GitHub Advisory).
<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><mets>&xxe;</mets>) to read local files, or embed a decompression bomb (e.g., a highly compressed file that expands to hundreds of megabytes) to exhaust system resources./etc/passwd) is embedded in the parser output, leaking sensitive file contents. For decompression bombs, memory and disk are exhausted, causing application crash or denial of service (GitHub Advisory, Docling Security Advisory).Upgrade docling to version 2.91.0 or later, which introduces secure XML parsing (resolve_entities=False, load_dtd=False, no_network=True) and enforces extraction limits (300 MB total, 10 MB per file, 1000 members). As a temporary workaround, avoid processing METS-GBS archives from untrusted sources; if processing is necessary, pre-validate archives in an isolated environment with strict resource limits (e.g., containers with memory/disk quotas). The fix was released on April 23, 2026, as part of Docling v2.91.0 (Docling v2.91.0 Release, GitHub Advisory).
Origem: Este relatório foi gerado usando IA
Avaliação de vulnerabilidade gratuita
Avalie suas práticas de segurança na nuvem em 9 domínios de segurança para comparar seu nível de risco e identificar lacunas em suas defesas.
Marque uma demonstração personalizada
"A melhor experiência do usuário que eu já vi, fornece visibilidade total para cargas de trabalho na nuvem."
"A Wiz fornece um único painel de vidro para ver o que está acontecendo em nossos ambientes de nuvem."
"Sabemos que se a Wiz identifica algo como crítico, na verdade é."