0.003 Low
EPSS
Percentile
66.5%
nltk is vulnerable to regular expression denial of service. The vulnerability exists in PunktSentenceTokenizer function in punkt.py which allows an attacker to cause an application crash.
PunktSentenceTokenizer
punkt.py
github.com/nltk/nltk/commit/1405aad979c6b8080dbbc8e0858f89b2e3690341
github.com/nltk/nltk/issues/2866
github.com/nltk/nltk/pull/2869
github.com/nltk/nltk/security/advisories/GHSA-f8m6-h2c7-8h9x