Nltk Security Vulnerabilities and Issues — Nltk CVE List

Lucene search

NltkNltk

5 matches found

CVE•added 2024/06/27 10:15 p.m.•221 views

CVE-2024-39705

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.

9.8CVSS8AI score0.01484EPSS

CVE•added 2019/08/22 4:15 p.m.•154 views

CVE-2019-14751

NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.

7.5CVSS7.3AI score0.03222EPSS

CVE•added 2021/12/23 6:15 p.m.•76 views

CVE-2021-43854

NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in Punk...

7.5CVSS7.4AI score0.01447EPSS

CVE•added 2021/09/27 1:15 p.m.•74 views

CVE-2021-3828

nltk is vulnerable to Inefficient Regular Expression Complexity

7.5CVSS7.3AI score0.00433EPSS

CVE•added 2022/01/04 3:15 p.m.•66 views

CVE-2021-3842

nltk is vulnerable to Inefficient Regular Expression Complexity

7.5CVSS7.4AI score0.00532EPSS