CyberSec.Space Logo
Back to CVE Browser

CVE-2021-3781

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.1710%
EPSS Percentile14.65th
PublishedFeb 16, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Affected Platforms (CPE)

πŸ“¦
Artifex

Ghostscript

= 9.50
πŸ“¦
Artifex

Ghostscript

= 9.52
πŸ“¦
Artifex

Ghostscript

= 9.53.3
πŸ“¦
Artifex

Ghostscript

= 9.54.0
πŸ’»
Fedoraproject

Fedora

= 34

References & Advisories

πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=2002271
πŸ”— https://ghostscript.com/CVE-2021-3781.html
πŸ”— https://security.gentoo.org/glsa/202211-11
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=2002271
πŸ”— https://ghostscript.com/CVE-2021-3781.html
πŸ”— https://security.gentoo.org/glsa/202211-11

Related Vulnerabilities

CVE-2020-276059.8

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks...

CVE-2020-159009.8

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow over...

CVE-2019-148139.8

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its p...

CVE-2020-367739.8

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) becaus...