{"id":"CVE-2021-3828","details":"nltk is vulnerable to Inefficient Regular Expression Complexity","aliases":["GHSA-2ww3-fxvq-293j","PYSEC-2021-356"],"modified":"2026-04-16T04:38:50.220518508Z","published":"2021-09-27T13:15:07.993Z","related":["openSUSE-SU-2022:10040-1","openSUSE-SU-2024:11958-1","openSUSE-SU-2025:15099-1"],"references":[{"type":"FIX","url":"https://github.com/nltk/nltk/commit/277711ab1dec729e626b27aab6fa35ea5efbd7e6"},{"type":"FIX","url":"https://huntr.dev/bounties/d19aed43-75bc-4a03-91a0-4d0bb516bc32"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nltk/nltk","events":[{"introduced":"0"},{"last_affected":"a1034bbec30c2ec5765c9497cb8167b26a3c5d0e"},{"fixed":"277711ab1dec729e626b27aab6fa35ea5efbd7e6"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.6.3"}]}}],"versions":["2.0.1rc1","2.0.1rc2","2.0.1rc3","2.0.1rc4","3.0.0b1","3.0.2","3.0.3","3.0.4","3.0.5","3.0a4","3.1","3.2","3.2.1","3.2.2","3.2.3","3.2.4","3.2.5","3.3","3.4","3.4.1","3.4.3","3.4.4","3.5","3.5b1","3.6","3.6.1","3.6.2","3.6.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3828.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}