Advisories ยป MGASA-2020-0160

Updated python-nltk packages fix security vulnerability

Publication date: 05 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-14751

Description

Updated python-ntlk package fixes security vulnerability:

A vulnerability was found in NLTK Downloader before 3.4.5 is vulnerable
to a directory traversal, allowing attackers to write arbitrary files via
a ../ in an NLTK package (ZIP archive) that is mishandled during extraction
(CVE-2019-14751).
                

References

SRPMS

7/core