CVE-2019-3835 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Sandbox escape
Description	It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-929	ghostscript	9.26-2	9.27-1	High	Fixed	FS#62102

Date	Advisory	Group	Package	Severity	Type
11 Apr 2019	ASA-201904-5	AVG-929	ghostscript	High	sandbox escape

References
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e6