Critical severity9.8NVD Advisory· Published Jan 6, 2023· Updated Jun 17, 2026
CVE-2023-22671
CVE-2023-22671
Description
Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NSA/Ghidradescription
- Range: <=10.2.2
Patches
Vulnerability mechanics
References
2- github.com/NationalSecurityAgency/ghidra/pull/4872nvdPatchThird Party Advisory
- github.com/NationalSecurityAgency/ghidra/issues/4869nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.