Unknown · Docling-Graph · CVE-2026-44520
**Name of the Vulnerable Software and Affected Versions**
Docling-Graph versions prior to 1.5.1
**Description**
The `URLInputHandler` class in `docling_graph/core/input/handlers.py` makes HTTP requests to user-supplied URLs without checking whether the target resolves to a private, loopback, or link-local IP address. The `URLValidator` only verifies the scheme and that the `netloc` is non-empty; it performs no IP-level validation. In addition, `requests.head()` was called with `allow_redirects=True`, so an attacker can supply an external URL that redirects to an internal endpoint and bypass any check made on the original URL alone. An attacker who controls the `--source` CLI argument or the `PipelineConfig.source` API parameter can therefore trigger Server-Side Request Forgery (SSRF), in which the server is coerced into making requests on the attacker's behalf. This can be used to reach cloud instance metadata endpoints (for example to obtain IAM credentials) or internal services on loopback or private network ranges.
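As an added illustration (not code from the Docling-Graph project or from its 1.5.1 fix), the block below places the scheme-and-netloc check the description refers to beside a hardened check that resolves the host and rejects private, loopback, link-local and IPv4-mapped addresses, and adds a redirect loop that validates every hop instead of relying on `allow_redirects=True`. The function names, the injectable `resolver` and `head_fn` callables, and the hostnames used in the docstring are assumptions made for this example; they do not describe the project's actual implementation.

```python
import ipaddress
import socket
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import urljoin, urlparse

# Hypothetical helper types for this example: a resolver maps a hostname to its
# addresses, a head function performs one HEAD request without following redirects.
Resolver = Callable[[str], List[str]]
HeadFn = Callable[[str], Tuple[int, Dict[str, str]]]


def weak_is_allowed(url: str) -> bool:
    """The kind of check the advisory describes: scheme plus a non-empty netloc.
    Nothing here looks at where the host actually points, so 127.0.0.1 or
    169.254.169.254 pass straight through."""
    parsed = urlparse(url)
    return parsed.scheme in ("http", "https") and bool(parsed.netloc)


def resolve_all(host: str) -> List[str]:
    """Default resolver: every address the host maps to. IP literals resolve
    without any DNS traffic, so this also works offline for them."""
    addrs = set()
    for _family, _type, _proto, _canon, sockaddr in socket.getaddrinfo(host, None):
        addrs.add(sockaddr[0].split("%", 1)[0])  # drop an IPv6 zone id such as %eth0
    return sorted(addrs)


def is_public_address(addr: str) -> bool:
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:127.0.0.1 as 127.0.0.1, not as a public v6 address
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def hardened_is_allowed(url: str, resolver: Resolver = resolve_all) -> bool:
    """Scheme check, then resolve the host and require every address to be public."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    try:
        addrs = resolver(parsed.hostname)
    except (socket.gaierror, ValueError):
        return False
    # A name with even one internal record is rejected, so mixed record sets do not help an attacker.
    return bool(addrs) and all(is_public_address(a) for a in addrs)


def head_with_validated_redirects(
    url: str, head_fn: HeadFn, resolver: Resolver = resolve_all, max_redirects: int = 5
) -> Tuple[bool, str, Optional[int]]:
    """Replacement for requests.head(url, allow_redirects=True): follow redirects
    by hand so that every hop is validated before a request is sent.
    Returns (ok, final_url, status); status is None when a hop was blocked.

    With the requests library installed, a real head_fn would be:
        def head_fn(u):
            r = requests.head(u, allow_redirects=False, timeout=5)
            return r.status_code, r.headers
    """
    current = url
    for _ in range(max_redirects + 1):
        if not hardened_is_allowed(current, resolver):
            return False, current, None  # blocked before any request is sent
        status, headers = head_fn(current)
        location = headers.get("Location")
        if status not in (301, 302, 303, 307, 308) or not location:
            return True, current, status
        current = urljoin(current, location)  # Location may be relative to the current URL
    return False, current, None  # redirect chain too long
```

One caveat a practitioner should keep in mind: `hardened_is_allowed` resolves the name once and the HTTP client resolves it again when it connects, so a name whose records change between the two lookups (DNS rebinding) can still reach an internal address. Closing that gap means connecting to the validated IP directly while keeping the original `Host` header, or checking the peer address at connect time; the check above is necessary but not sufficient on its own.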
**Recommendations**
Update to version 1.5.1.
Until the update is applied, ensure that all URLs passed to `URLInputHandler` (whether through `--source` or `PipelineConfig.source`) come exclusively from trusted, internal sources and never from user-supplied or external input.