How severe is CVE-2021-3781?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.9 out of 10.

What type of vulnerability is CVE-2021-3781?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2021-3781 - CRITICAL Severity | CVSS 9.9

Vulnerability Description

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Related Vulnerabilities

CVE-2018-20162

CRITICAL

CVSS:9.9(Critical)

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary command...

CWE-202018

CVE-2021-43779

CRITICAL

CVSS:9.9(Critical)

GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability...

CWE-202021

CVE-2022-0415

CRITICAL

CVSS:9.9(Critical)

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.

CWE-202022

CVE-2022-26780

CRITICAL

CVSS:9.9(Critical)

Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code executio...

CWE-202022

CVE-2022-26781

CRITICAL

CVSS:9.9(Critical)

CWE-202022

CVE-2022-26782

CRITICAL

CVSS:9.9(Critical)

CWE-202022