vulnerability

Huawei EulerOS: CVE-2021-3781: ghostscript security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Feb 16, 2022	Jun 16, 2022	Apr 1, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Feb 16, 2022

Added

Jun 16, 2022

Modified

Apr 1, 2026

Description

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Solutions

huawei-euleros-2_0_sp9-upgrade-ghostscripthuawei-euleros-2_0_sp9-upgrade-ghostscript-help

References

CVE-2021-3781
https://attackerkb.com/topics/CVE-2021-3781
CWE-20
CWE-78
EULEROS-EulerOS-SA-2022-1863
EUVD-EUVD-2021-27045
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-27045

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report