Explore top 10 tips to secure your open-source projects now. Read More
×
NLTK could be made to crash or run programs as your login if it opened a
specially crafted zip file.
Software Description:
- nltk: Natural Language Toolkit
Details:
It was discovered that NLTK incorrectly handled file extraction when
opening a maliciously crafted zip file. An attacker could possibly use this
issue to create or overwrite files on the system and execute arbitrary
code.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
python3-nltk 3.8.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
python3-nltk 3.7-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
python3-nltk 3.4.5-2ubuntu0.1~esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-nltk 3.2.5-1ubuntu0.1+esm3
Available with Ubuntu Pro
python3-nltk 3.2.5-1ubuntu0.1+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-nltk 3.1-1ubuntu0.1+esm3
Available with Ubuntu Pro
python3-nltk 3.1-1ubuntu0.1+esm3
Available with Ubuntu Pro
Ubuntu 14.04 LTS
python-nltk 2.0~b9-0ubuntu4.1~esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8214-1
CVE-2025-14009
Get the latest Linux and open source security news straight to your inbox.