CVE-2019-14751

Public Exploit

Description

NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.

References

Link	Tags
https://github.com/nltk/nltk/blob/3.4.5/ChangeLog	release notes
https://github.com/nltk/nltk/commit/f59d7ed8df2e0e957f7f247fe218032abdbe9a10	patch
https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-14751/	exploit third party advisory patch
https://github.com/mssalvatore/CVE-2019-14751_PoC	exploit third party advisory patch
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGZSSEJH7RHH3RBUEVWWYT75QU67J7SE/	vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI4IJGLZQ5S7C5LNRNROHAO2P526XE3D/	vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00054.html	vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00001.html	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2019-14751?: CVE-2019-14751 has been scored as a high severity vulnerability.
How to fix CVE-2019-14751?: To fix CVE-2019-14751, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-14751 being actively exploited in the wild?: It is possible that CVE-2019-14751 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~9% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-22 – Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

References

Frequently Asked Questions