Fluid Attacks Database

Description

NLTK Vulnerable to REDoS NLTK is vulnerable to REDoS in some RegexpTaggers used in the functions get_pos_tagger and malt_regex_tagger.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	nltk	=3.5-1 \|\| =3.6.5-1 \|\| =3.6.7-1 \|\| =3.7-1 \|\| =3.8-1 \|\| =3.8.1-1 \|\| =3.9.1-1 \|\| =3.9.1-2 \|\| =3.9.2-1 \|\| =3.9.3-1	-
pypi	nltk	>=0 <3.6.6	3.6.6
debian 13	nltk	>=0 <3.6.7-1	3.6.7-1
debian 14	nltk	>=0 <3.6.7-1	3.6.7-1
debian 12	nltk	>=0 <3.6.7-1	3.6.7-1

Aliases

References

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.