Oval Definition:	oval:org.opensuse.security:def:201914751
Revision Date: 2022-06-30 Version: 1 Title: CVE-2019-14751 Description: NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-14751 openSUSE-SU-2020:0436-1 openSUSE-SU-2020:0440-1 Mitre CVE-2019-14751 SUSE CVE-2019-14751 openSUSE-SU-2020:0436-1 openSUSE-SU-2020:0440-1 Platform(s): openSUSE Leap 15.1 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 SUSE Package Hub for SUSE Linux Enterprise 15 SP1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-nltk-3.4.5-lp151.4.3 is installed AND python-nltk is signed with openSUSE key OR python2-nltk-3.4.5-lp151.4.3 is installed AND python2-nltk is signed with openSUSE key OR python3-nltk-3.4.5-lp151.4.3 is installed AND python3-nltk is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND Package Information python36-nltk-3.5-1.10 is installed OR python38-nltk-3.5-1.10 is installed OR python39-nltk-3.5-1.10 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed AND Package Information python2-nltk-3.4.5-bp151.4.3.1 is installed OR python3-nltk-3.4.5-bp151.4.3.1 is installed
BACK