Test ID:	1.3.6.1.4.1.25623.1.0.877631
Category:	Fedora Local Security Checks
Title:	Fedora: Security Advisory for python-nltk (FEDORA-2020-0f785235bb)
Summary:	The remote host is missing an update for the 'python-nltk'; package(s) announced via the FEDORA-2020-0f785235bb advisory.
Description:	Summary: The remote host is missing an update for the 'python-nltk' package(s) announced via the FEDORA-2020-0f785235bb advisory. Vulnerability Insight: NLTK is a Python package that simplifies the construction of programs that process natural language, and defines standard interfaces between the different components of an NLP system. It was designed primarily to help teach graduate and undergraduate students about computational linguistics, but it is also useful as a framework for implementing research projects. Affected Software/OS: 'python-nltk' package(s) on Fedora 31. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14751 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QI4IJGLZQ5S7C5LNRNROHAO2P526XE3D/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGZSSEJH7RHH3RBUEVWWYT75QU67J7SE/ https://github.com/mssalvatore/CVE-2019-14751_PoC https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-14751/ SuSE Security Announcement: openSUSE-SU-2020:0436 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00054.html SuSE Security Announcement: openSUSE-SU-2020:0440 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00001.html
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.