Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-39705HistoryJun 27, 2024 - 10:15 p.m.
CVE-2024-39705
2024-06-2722:15:10
Debian Security Bug Tracker
security-tracker.debian.org
2
nltk
remote code execution
untrusted packages
pickled python code
data package
averaged_perceptron_tagger
punkt
unix
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | nltk | <= 3.8-1 | nltk_3.8-1_all.deb |
| Debian | 11 | all | nltk | <= 3.5-1 | nltk_3.5-1_all.deb |
| Debian | 999 | all | nltk | <= 3.8.1-1 | nltk_3.8.1-1_all.deb |
| Debian | 13 | all | nltk | <= 3.8.1-1 | nltk_3.8.1-1_all.deb |
Related
osv
osv
ntlk unsafe deserialization vulnerability
2024-06-28 00:33:31
CVE-2024-39705
2024-06-27 22:15:10
cvelist
cvelist
CVE-2024-39705
2024-06-27 00:00:00
nvd
nvd
CVE-2024-39705
2024-06-27 22:15:10
vulnrichment
vulnrichment
CVE-2024-39705
2024-06-27 00:00:00
cve
cve
CVE-2024-39705
2024-06-27 22:15:10
github
github
ntlk unsafe deserialization vulnerability
2024-06-28 00:33:31