2 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-14009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in nltk/downloader.py uses...
CVE-2025-14009 Zip Slip Vulnerability in nltk/nltk Leading to Remote Code Execution
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in nltk/downloader.py uses zipfile.extractall without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when...