VDB
CVE-2021-3828
CVE-2021-3828
PUBLISHED
CVSS 7.5 HIGH
nltk is vulnerable to Inefficient Regular Expression Complexity
EPSS 0.43% · 63.1th percentile
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.43%
63.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| nltk | nltk | 0 |
| PyPI | nltk | 0 |
| nltk | nltk/nltk | * |
Exploit Intelligence
Timeline
- Sep 27, 2021 CVE Published
- Sep 28, 2021 EPSS Score
- Oct 5, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 20, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 18, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 10, 2022 EPSS Score
- Sep 6, 2022 EPSS Score
- Nov 2, 2022 EPSS Score
References
- https://huntr.dev/bounties/d19aed43-75bc-4a03-91a0-4d0bb516bc32 url
- https://github.com/nltk/nltk/commit/277711ab1dec729e626b27aab6fa35ea5efbd7e6 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-3828 advisory
- https://github.com/nltk/nltk/pull/2816 url
- https://github.com/advisories/GHSA-2ww3-fxvq-293j advisory
- https://github.com/nltk/nltk package
- https://github.com/pypa/advisory-database/tree/main/vulns/nltk/PYSEC-2021-356.yaml url