nltk@3.2.2 vulnerabilities

Natural Language Toolkit

Direct Vulnerabilities

Known vulnerabilities in the nltk package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Remote Code Execution (RCE)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) through the integrated data package download functionality. An attacker with control over the NLTK data index can execute arbitrary code by supplying pickled Python code within untrusted packages and trick a user into loading the malicious pickle.

Some packages found to be vulnerable if compromised are averaged_perceptron_tagger, punkt, maxent_ne_chunker, help/tagsets, and maxent_treebank_pos_tagger.

How to fix Remote Code Execution (RCE)?

Upgrade nltk to version 3.8.2 or higher.

[0,3.8.2)
  • H
Remote Code Execution (RCE)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) in the local WordNet browser. When a user opens a malicious link while the WordNet browser is active, it can result in the exploitation of this vulnerability on their system.

How to fix Remote Code Execution (RCE)?

Upgrade nltk to version 3.8.1 or higher.

[,3.8.1)
  • M
Cross-site Scripting (XSS)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the local Wordnet browser via the MyServerHandler class. Exploiting this vulnerability is possible by creating a maliciously crafted URL.

Note: This only affects users of this browser interface to Wordnet, and not other users of Wordnet.

How to fix Cross-site Scripting (XSS)?

Upgrade nltk to version 3.8.1 or higher.

[,3.8.1)
  • M
Regular Expression Denial of Service (ReDoS)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the RegexpTagger method.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade nltk to version 3.6.6 or higher.

[0,3.6.6)
  • H
Regular Expression Denial of Service (ReDoS)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via word_tokenize() in nltk/tokenize/punkt.py.

PoC

from nltk.tokenize import word_tokenize
import nltk
nltk.download('punkt')
import time

for length in [1000*2**n for n in range(1000)]:
    text = "a" * length
    start_t = time.time()
    word_tokenize(text)
    print(f"payload length: {length} takes {time.time()-start_t}s")

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade nltk to version 3.6.6 or higher.

[0,3.6.6)
  • M
Regular Expression Denial of Service (ReDoS)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the CorpusReader for the Comparative Sentences Dataset.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade nltk to version 3.6.4 or higher.

[,3.6.4)
  • M
Regular Expression Denial of Service (ReDoS)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). _XML_TAG_NAME regex operator is vulnerable mainly due to the sub-pattern \s*/?\s* and can be exploited with an input such as "<"+" " * 5000

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade nltk to version 3.6 or higher.

[0,3.6)
  • M
Arbitrary File Write via Archive Extraction (Zip Slip)

nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing.

Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). It allows attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.

How to fix Arbitrary File Write via Archive Extraction (Zip Slip)?

Upgrade nltk to version 3.4.5 or higher.

[,3.4.5)