5 matches found
CVE-2021-43854
NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is present in...
Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)
Impact The vulnerability is present in PunktSentenceTokenizer, senttokenize and wordtokenize. Any users of this class, or these two functions, are vulnerable to a Regular Expression Denial of Service ReDoS attack. In short, a specifically crafted long input to any of these vulnerable functions wi...
Regular Expression Denial Of Service (ReDoS)
nltk is vulnerable to regular expression denial of service. The vulnerability exists in PunktSentenceTokenizer function in punkt.py which allows an attacker to cause an application crash...
CVE-2021-43854
CVE-2021-43854 affects the Python package NLTK. Versions prior to 3.6.5 are vulnerable to a Regular Expression Denial of Service (ReDoS) in the affected tokenizers: PunktSentenceTokenizer, sent_tokenize, and word_tokenize. The issue arises from inefficient regex backtracking on crafted inputs, ca...
CVE-2021-43854
NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is present in...