Product:

Nltk

(Nltk)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2019-08-22 CVE-2019-14751 NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. Nltk 7.5
2021-09-27 CVE-2021-3828 nltk is vulnerable to Inefficient Regular Expression Complexity Nltk 7.5
2022-01-04 CVE-2021-3842 nltk is vulnerable to Inefficient Regular Expression Complexity Debian_linux, Fedora, Nltk 7.5
2021-12-23 CVE-2021-43854 NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these... Nltk 7.5