Описание
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.9.1-2 |
| esm-apps/bionic | ignored | changes too intrusive |
| esm-apps/focal | ignored | changes too intrusive |
| esm-apps/jammy | ignored | changes too intrusive |
| esm-apps/noble | ignored | changes too intrusive |
| esm-apps/xenial | ignored | changes too intrusive |
| esm-infra-legacy/trusty | ignored | changes too intrusive |
| focal | ignored | end of standard support, was ignored [changes too intrusive] |
| jammy | ignored | changes too intrusive |
| mantic | ignored | end of life, was needs-triage |
Показывать по
10
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 1 года назад
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
CVSS3: 9.8
debian
больше 1 года назад
NLTK through 3.8.1 allows remote code execution if untrusted packages ...
9.8 Critical
CVSS3