Search CVE reports
1 – 5 of 5 results
CVE-2024-39705
Medium priorityNLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
1 affected package
nltk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nltk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3842
Medium prioritynltk is vulnerable to Inefficient Regular Expression Complexity
1 affected package
nltk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nltk | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-43854
Medium priorityNLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression...
1 affected package
nltk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nltk | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3828
Medium prioritySome fixes available 9 of 11
nltk is vulnerable to Inefficient Regular Expression Complexity
1 affected package
nltk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nltk | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2019-14751
Medium priorityNLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.
1 affected package
nltk
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nltk | — | — | — | Fixed | Fixed |