Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:15 a.m.7 views

CVE-2023-22671

Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...

9.8CVSS7.6AI score0.02885EPSS
Exploits1References1
NVD
NVD
added 2023/01/06 7:15 a.m.25 views

CVE-2023-22671

Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...

9.8CVSS9.8AI score0.02885EPSS
Exploits1References2
OSV
OSV
added 2023/01/06 12:0 a.m.15 views

CVE-2023-22671

Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...

9.8CVSS7.4AI score0.02885EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/01/06 12:0 a.m.5 views

CVE-2023-22671

Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...

9.8AI score0.02885EPSS
Exploits1References2
CVE
CVE
added 2023/01/06 12:0 a.m.66 views

CVE-2023-22671

Ghidra NSA: CVE-2023-22671 affects Ghidra/RuntimeScripts/Linux/support/launch.sh through 10.2.2. Root cause: user input is passed to eval inside launch.sh, enabling command injection when analyzeHeadless is invoked with untrusted input. Impact is high (command injection as per CVSS 3.1) with pote...

9.8CVSS9.6AI score0.02885EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder