{"api_version":"1","generated_at":"2026-04-22T23:09:35+00:00","cve":"CVE-2021-3781","urls":{"html":"https://cve.report/CVE-2021-3781","api":"https://cve.report/api/cve/CVE-2021-3781.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-3781","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-3781"},"summary":{"title":"CVE-2021-3781","description":"A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2022-02-16 19:15:00","updated_at":"2023-06-26 18:56:00"},"problem_types":["CWE-78"],"metrics":[],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002271","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2002271","refsource":"MISC","tags":[],"title":"2002271 – (CVE-2021-3781) CVE-2021-3781 ghostscript: sandbox escape using '%pipe%'","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202211-11","name":"GLSA-202211-11","refsource":"GENTOO","tags":[],"title":"GPL Ghostscript: Multiple Vulnerabilities (GLSA 202211-11) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://ghostscript.com/CVE-2021-3781.html","name":"https://ghostscript.com/CVE-2021-3781.html","refsource":"MISC","tags":[],"title":"Ghostscript : CVE-2021-3781","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-3781","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3781","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"3781","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"artifex","cpe5":"ghostscript","cpe6":"9.50","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3781","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"artifex","cpe5":"ghostscript","cpe6":"9.52","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3781","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"artifex","cpe5":"ghostscript","cpe6":"9.53.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3781","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"artifex","cpe5":"ghostscript","cpe6":"9.54.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3781","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-3781","qid":"178789","title":"Debian Security Update for ghostscript (DSA 4972-1)"},{"cve":"CVE-2021-3781","qid":"183563","title":"Debian Security Update for ghostscript (CVE-2021-3781)"},{"cve":"CVE-2021-3781","qid":"198494","title":"Ubuntu Security Notification for Ghostscript Vulnerability (USN-5075-1)"},{"cve":"CVE-2021-3781","qid":"281911","title":"Fedora Security Update for ghostscript (FEDORA-2021-256c80b4eb)"},{"cve":"CVE-2021-3781","qid":"281927","title":"Fedora Security Update for ghostscript (FEDORA-2021-be0a93fb15)"},{"cve":"CVE-2021-3781","qid":"501410","title":"Alpine Linux Security Update for ghostscript"},{"cve":"CVE-2021-3781","qid":"501741","title":"Alpine Linux Security Update for ghostscript"},{"cve":"CVE-2021-3781","qid":"503959","title":"Alpine Linux Security Update for ghostscript"},{"cve":"CVE-2021-3781","qid":"671746","title":"EulerOS Security Update for ghostscript (EulerOS-SA-2022-1804)"},{"cve":"CVE-2021-3781","qid":"671748","title":"EulerOS Security Update for ghostscript (EulerOS-SA-2022-1787)"},{"cve":"CVE-2021-3781","qid":"671798","title":"EulerOS Security Update for ghostscript (EulerOS-SA-2022-1839)"},{"cve":"CVE-2021-3781","qid":"671805","title":"EulerOS Security Update for ghostscript (EulerOS-SA-2022-1863)"},{"cve":"CVE-2021-3781","qid":"710680","title":"Gentoo Linux GPL Ghostscript Multiple Vulnerabilities (GLSA 202211-11)"},{"cve":"CVE-2021-3781","qid":"751136","title":"SUSE Enterprise Linux Security Update for ghostscript (SUSE-SU-2021:3044-1)"},{"cve":"CVE-2021-3781","qid":"751139","title":"OpenSUSE Security Update for ghostscript (openSUSE-SU-2021:3044-1)"},{"cve":"CVE-2021-3781","qid":"751150","title":"OpenSUSE Security Update for ghostscript (openSUSE-SU-2021:1273-1)"},{"cve":"CVE-2021-3781","qid":"751153","title":"SUSE Enterprise Linux Security Update for ghostscript (SUSE-SU-2021:3180-1)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-3781","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"ghostscript","version":{"version_data":[{"version_value":"ghostpdl 9.55.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2002271","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002271"},{"refsource":"MISC","name":"https://ghostscript.com/CVE-2021-3781.html","url":"https://ghostscript.com/CVE-2021-3781.html"},{"refsource":"GENTOO","name":"GLSA-202211-11","url":"https://security.gentoo.org/glsa/202211-11"}]},"description":{"description_data":[{"lang":"eng","value":"A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."}]}},"nvd":{"publishedDate":"2022-02-16 19:15:00","lastModifiedDate":"2023-06-26 18:56:00","problem_types":["CWE-78"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.9,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.1,"impactScore":6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9.3},"severity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:artifex:ghostscript:9.52:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:artifex:ghostscript:9.50:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:artifex:ghostscript:9.53.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:artifex:ghostscript:9.54.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"3781","Ordinal":"216572","Title":"CVE-2021-3781","CVE":"CVE-2021-3781","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"3781","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}