nltk@3.2.2 vulnerabilities
Natural Language Toolkit
-
latest version
3.9.1
-
latest non vulnerable version
-
first published
15 years ago
-
latest version published
3 months ago
-
licenses detected
- [2.0b4,)
Direct Vulnerabilities
Known vulnerabilities in the nltk package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Remote Code Execution (RCE) through the integrated data package download functionality. An attacker with control over the NLTK data index can execute arbitrary code by supplying pickled Python code within untrusted packages and trick a user into loading the malicious pickle. Some packages found to be vulnerable if compromised are How to fix Remote Code Execution (RCE)? Upgrade |
[0,3.8.2)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Remote Code Execution (RCE) in the local How to fix Remote Code Execution (RCE)? Upgrade |
[,3.8.1)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the local Note: This only affects users of this browser interface to Wordnet, and not other users of Wordnet. How to fix Cross-site Scripting (XSS)? Upgrade |
[,3.8.1)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[0,3.6.6)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via PoC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[0,3.6.6)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,3.6.4)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[0,3.6)
|
nltk is a Natural Language Toolkit (NLTK) is a Python package for natural language processing. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip).
It allows attackers to write arbitrary files via a How to fix Arbitrary File Write via Archive Extraction (Zip Slip)? Upgrade |
[,3.4.5)
|