Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nltk
(Nltk)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 4 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-08-22 | CVE-2019-14751 | NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. | Nltk | 7.5 | ||
2021-09-27 | CVE-2021-3828 | nltk is vulnerable to Inefficient Regular Expression Complexity | Nltk | 7.5 | ||
2022-01-04 | CVE-2021-3842 | nltk is vulnerable to Inefficient Regular Expression Complexity | Debian_linux, Fedora, Nltk | 7.5 | ||
2021-12-23 | CVE-2021-43854 | NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these... | Nltk | 7.5 |