CVE-2024-39705
published 2024-06-27

CVE-2024-39705: NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used…

Priority: P258 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.35% (67.9th percentile)
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.

Affected

4 ranges
Vendor         Product   Version range             Fixed in
debian         nltk      < nltk 3.9.1-1 (forky)    nltk 3.9.1-1 (forky)
nltk           nltk      >= 0, < 3.9.1-1           3.9.1-1
nltk           nltk      >= 0, < 3.9.1-1           3.9.1-1
nltk           nltk      >= 0, < 3.9               3.9

Detection & IOCs (extracted from sources)

  • Remote code execution vector involves NLTK's integrated data package download functionality loading pickled Python code from untrusted packages — monitor for nltk.download() calls that fetch packages such as 'averaged_perceptron_tagger' or 'punkt' from non-official or tampered sources
  • Flag use of NLTK versions up to and including 3.8.1 in environments where nltk.download() is invoked, as these are vulnerable to RCE via malicious pickled data packages
  • Vulnerability is only exploitable when the integrated NLTK data package download functionality is used AND the downloaded packages originate from or have been tampered by an untrusted source — air-gapped or strictly controlled package mirrors reduce exposure
  • Debian bookworm and bullseye remain open/unpatched as of the tracker; only forky, sid, and trixie have resolved the issue with NLTK 3.9.1-1
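The two checks the bullets above call for, as an added example that is not code from this tracker or from the NLTK project: a test of an NLTK version string against the affected range, and a static inspection of pickled data files that lists what a load would import and construct without ever unpickling them. The nltk_data-style file names are constructed stand-ins.

```python
# Added example (not from the advisory or NLTK): check the affected version range
# and statically inspect pickled data files (punkt, averaged_perceptron_tagger, ...)
# without unpickling them. Sample file names below are constructed stand-ins.
import pickle
import pickletools
import re
from collections import OrderedDict
from typing import Dict

FIXED_IN = (3, 9)  # advisory: affected range is < 3.9
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}

def is_vulnerable_version(version: str) -> bool:
    """True for NLTK versions in the affected range (< 3.9); 'rc' tags are dropped."""
    nums = tuple(int(m.group()) if m else 0
                 for m in (re.match(r"\d+", p) for p in version.split(".")))
    return nums < FIXED_IN

def inspect_pickle(data: bytes) -> Dict[str, object]:
    """Record every module.name a load would import and every object-construction
    opcode by walking the opcode stream. Never calls pickle.loads."""
    refs, recent, memo, last, n_memo, calls = [], [], {}, None, 0, 0
    for op, arg, _ in pickletools.genops(data):
        pushed = None
        if op.name == "MEMOIZE":  # protocol 4+: memo slot = count of MEMOIZE ops
            if last is not None: memo[n_memo] = last
            n_memo += 1
            continue
        if op.name in STRING_OPS:
            pushed = arg
        elif op.name in ("BINGET", "LONG_BINGET"):
            pushed = memo.get(arg)  # a module or attribute name used twice
        elif op.name == "GLOBAL":  # protocol <= 3 carries "module name" inline
            refs.append(arg.replace(" ", ".", 1))
        elif op.name == "STACK_GLOBAL" and len(recent) >= 2:  # protocol 4+
            refs.append(f"{recent[-2]}.{recent[-1]}")
        elif op.name in CALL_OPS:
            calls += 1
        last = pushed
        if pushed is not None: recent.append(pushed)
    # runs_code=True means loading this file imports and calls Python objects;
    # such a file is only acceptable from a source you trust.
    return {"globals": refs, "calls": calls, "runs_code": bool(refs or calls)}

SAMPLE_FILES = {  # constructed: plain data vs. pickles that import a class
    "tokenizers/punkt/plain.pickle": pickle.dumps({"abbrev": ["dr", "mr"]}),
    "taggers/averaged_perceptron_tagger/p3.pickle": pickle.dumps(OrderedDict(), protocol=3),
    "taggers/averaged_perceptron_tagger/p4.pickle": pickle.dumps(OrderedDict(), protocol=4),
}
```

Run `inspect_pickle` over every `*.pickle` under a real nltk_data tree; a data-only file reports no globals and no calls, while a file that imports a class (even a benign one) is visible before anything executes.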

CVSS provenance

nvd (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv: 9.8 CRITICAL
vendor_debian: 9.8 CRITICAL