Advisories for Pypi/Nltk package

2024

NLTK unsafe deserialization vulnerability

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.

2022
2021

Uncontrolled Resource Consumption

NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. It is vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or of these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these vulnerable …

2019

Path Traversal

NLTK Downloader is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ in an NLTK package (ZIP archive) that is mishandled during extraction.