AI Score
Confidence
High
EPSS
Percentile
53.8%
Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input.
github.com/NationalSecurityAgency/ghidra/issues/4869
github.com/NationalSecurityAgency/ghidra/pull/4872