Headline
GHSA-cgvx-9447-vcch: ntlk unsafe deserialization vulnerability
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.
ntlk unsafe deserialization vulnerability
High severity GitHub Reviewed Published Jun 28, 2024 to the GitHub Advisory Database • Updated Jun 28, 2024