PT-2019-13451 · Nsa · Ghidra

Xiaofen9 · Published 2019-07-17 · Updated 2019-11-12 · CVE-2019-13623

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Ghidra versions prior to 9.1

Description: The issue allows path traversal in certain scenarios, potentially enabling attackers to overwrite arbitrary files. This can be achieved by using an archive with an executable file that has an initial ../ in its filename. In some cases, this could lead to arbitrary code execution if critical modules, such as the decompile module, are overwritten.

Recommendations: For versions prior to 9.1, update to version 9.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of archives with executable files that have an initial ../ in their filename to minimize the risk of exploitation.
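
A pre-import check in the spirit of the workaround above, as an added example that is not Ghidra's code and not part of the original advisory: it lists archive entries whose names would resolve outside the restore directory, and it goes beyond an initial ../ to also catch embedded ../ segments, absolute paths and drive-letter names. It assumes the archive can be read as a ZIP container; `escaping_entries`, `build_sample`, the `/restore` root and the sample entry names are hypothetical.

```python
import io
import posixpath
import re
import zipfile


def escaping_entries(archive_bytes, dest="/restore"):
    """Return the entry names that would be written outside dest.

    dest is a hypothetical restore root; only names are inspected,
    nothing is extracted.
    """
    flagged = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            # Treat backslashes as separators so "..\\x" is handled like "../x".
            name = info.filename.replace("\\", "/")
            # Drive-letter names (C:/...) are absolute on Windows.
            if re.match(r"^[A-Za-z]:", name):
                flagged.append(info.filename)
                continue
            # Resolve the name against dest the way a naive extractor would.
            target = posixpath.normpath(posixpath.join(dest, name))
            if target != dest and not target.startswith(dest + "/"):
                flagged.append(info.filename)
    return flagged


def build_sample():
    """Constructed in-memory archive with one benign and two escaping names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project/program.bin", b"constructed sample data")
        zf.writestr("../decompile", b"constructed sample data")
        zf.writestr("project/../../tools/run.sh", b"constructed sample data")
    return buf.getvalue()


if __name__ == "__main__":
    for entry in escaping_entries(build_sample()):
        print("refuse to restore, entry escapes target directory:", entry)
```

An archive that returns a non-empty list should be rejected before it is opened in an unpatched Ghidra installation.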

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2019-13623

Affected Products

Ghidra