A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-02-16T00:00:00

Updated: 2024-08-03T17:09:08.668Z

Reserved: 2021-09-09T00:00:00

Link: CVE-2021-3781

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-16T19:15:08.817

Modified: 2024-11-21T06:22:24.880

Link: CVE-2021-3781

cve-icon Redhat

Severity : Important

Publid Date: 2021-09-10T00:00:00Z

Links: CVE-2021-3781 - Bugzilla