Fluid Attacks Database

Description

NLTK Vulnerable To Path Traversal NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	nltk	>=0 <3.4.5	3.4.5
debian 11	nltk	>=0 <3.4.5-1	3.4.5-1
debian 12	nltk	>=0 <3.4.5-1	3.4.5-1
debian 13	nltk	>=0 <3.4.5-1	3.4.5-1
debian 14	nltk	>=0 <3.4.5-1	3.4.5-1

Aliases

1. CVE-2019-147512. NVD-2019-147513. OSV-2019-147514. OSV-DEBIAN-2019-147515. GHSA-mr7p-25v2-35wr6. GCVE-2019-147517. SECURITY-TRACKER-CVE-2019-14751

References

1. https://github.com/nltk/nltk/commit/f59d7ed8df2e0e957f7f247fe218032abdbe9a102. https://github.com/mssalvatore/CVE-2019-14751_PoC3. https://github.com/nltk/nltk/blob/3.4.5/ChangeLog4. https://github.com/pypa/advisory-database/tree/main/vulns/nltk/PYSEC-2019-106.yaml5. https://lists.fedoraproject.org/archives/list/[email protected]/message/QI4IJGLZQ5S7C5LNRNROHAO2P526XE3D6. https://lists.fedoraproject.org/archives/list/[email protected]/message/ZGZSSEJH7RHH3RBUEVWWYT75QU67J7SE7. https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-147518. http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00054.html9. http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00001.html

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.