Ghidra Security Vulnerabilities and Issues — Ghidra CVE List

Lucene search

NsaGhidra

2 matches found

CVE•added 2019/07/17 3:15 a.m.•316 views

CVE-2019-13623

In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis res...

7.8CVSS7.7AI score0.04099EPSS

CVE•added 2019/07/17 3:15 a.m.•282 views

CVE-2019-13625

NSA Ghidra before 9.0.1 allows XXE when a project is opened or restored, or a tool is imported, as demonstrated by a project.prp file.

9.4CVSS9.1AI score0.00325EPSS