Improper Input Validation

Summary

NLTK versions through 3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the "StanfordSegmenter" module. The module dynamically loads external Java ".jar" files without verification or sandboxing. An attacker may supply or replace the JAR file, enabling execution of arbitrary Java bytecode at import time. This vulnerability may be exploited through methods such as Model Poisoning, Man-in-the-Middle (MitM) attacks, or Dependency Poisoning, potentially leading to Remote Code Execution (RCE). The issue arises from direct execution of the JAR file via "subprocess" with unvalidated "classpath" input, allowing malicious classes to execute when loaded by the JVM.