The vulnerability of the nltk.download() function in the Natural Language Toolkit (NLTK) library, which is used for symbolic and statistical processing of natural language, allows a hacker to execute arbitrary code.

The vulnerability of the nltk.download function in the Natural Language Toolkit NLTK library, which is used for symbolic and statistical processing of natural language, relates to the recovery of unreliable data in memory during the processing of the averagedperceptrontagger and punkt packages...

PT-2024-6156 · Nltk +2 · Nltk +2

Name of the Vulnerable Software and Affected Versions: NLTK versions 3.8.1 and earlier Description: The issue is related to the nltk.download function in the NLTK library, which can lead to remote code execution when untrusted packages containing pickled Python code are downloaded. This...