How severe is CVE-2021-32773?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-32773?

This is classified as CWE-441, which is a common weakness in software security.

CVE-2021-32773

HIGH Year: 2021

CVSS v3 Score

7.5

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-441

View all →

Vulnerability Description

Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow system functions to be controlled by the attacker, giving access to facilities intended to be restricted. This problem is fixed in Racket version 8.2. A workaround is available, depending on system settings. For systems that provide arbitrary Racket evaluation, external sandboxing such as containers limit the impact of the problem. For multi-user evaluation systems, such as the `handin-server` system, it is not possible to work around this problem and upgrading is required.

CVE-2019-3924

HIGH

CVSS:7.5(High)

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A...

CWE-4412019

CVE-2020-26262

HIGH

CVSS:7.2(High)

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x...

CWE-4412020

CVE-2023-40111

HIGH

CVSS:7.8(High)

In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of system_server due to a confused deputy. This could lead to local escalation of privi...

CWE-4412023

CVE-2019-1841

HIGH

CVSS:8.1(High)

A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnera...

CWE-4412019

CVE-2018-12182

MEDIUM

CVSS:6.7(Medium)

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local acces...

CWE-4412018

CVE-2025-47269

HIGH

CVSS:8.3(High)

code-server runs VS Code on any machine anywhere through browser access. Prior to version 4.99.4, a maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the ses...

CWE-4412025

CVE-2021-32773

Vulnerability Description

Related Vulnerabilities

CVE-2019-3924

CVE-2020-26262

CVE-2023-40111

CVE-2019-1841

CVE-2018-12182

CVE-2025-47269