{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "9.0.4"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "6b4d64a2ac07f154bf1fca307ad99aaa522d41e4"
            }
          ],
          "repo": "https://github.com/nationalsecurityagency/ghidra",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the \"Ghidra Codebrowser \u003e Window \u003e Python\" option, Ghidra will try to execute the cmd.exe program from this working directory.",
  "id": "CVE-2019-17664",
  "modified": "2026-03-13T21:46:50.006357392Z",
  "published": "2019-10-16T20:15:11.183Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/NationalSecurityAgency/ghidra/issues/107"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}