Lucene search
MitreVULNRICHMENT:CVE-2024-39705HistoryJun 27, 2024 - 12:00 a.m.
CVE-2024-39705
2024-06-2700:00:00
mitre
github.com
8
nltk
remote code execution
untrusted packages
pickled python code
averaged_perceptron_tagger
punkt
AI Score
8.2
Confidence
Low
EPSS
0
Percentile
16.3%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:nltk:nltk:*:*:*:*:*:*:*:*"
],
"vendor": "nltk",
"product": "nltk",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.8.1"
}
],
"defaultStatus": "unknown"
}
]Related
veracode
veracode
Remote Code Execution
2024-06-28 12:31:56
cve
cve
CVE-2024-39705
2024-06-27 22:15:10
osv
osv
CGA-whw8-5gwm-mw58
2024-09-25 05:37:04
Security update for python-nltk
2024-07-26 10:32:35
CGA-4rpm-rh56-9fq5
2024-08-21 11:05:07
nvd
nvd
CVE-2024-39705
2024-06-27 22:15:10
ubuntucve
ubuntucve
CVE-2024-39705
2024-06-27 00:00:00
nessus
nessus
openSUSE 15 Security Update : python-nltk (openSUSE-SU-2024:0222-1)
2024-07-27 00:00:00
debiancve
debiancve
CVE-2024-39705
2024-06-27 22:15:10
github
github
ntlk unsafe deserialization vulnerability
2024-06-28 00:33:31
cvelist
cvelist
CVE-2024-39705
2024-06-27 00:00:00
wolfi
wolfi
CVE-2024-39705 vulnerabilities
2024-10-01 21:13:23
ibm
ibm
AI Score
8.2
Confidence
Low
EPSS
0
Percentile
16.3%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-39705