CVE-2019-6116 log

Severity High
Remote Yes
Type Sandbox escape
It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands.
Group Package Affected Fixed Severity Status Ticket
AVG-860 ghostscript 9.26-1 9.26-2 High Fixed
Date Advisory Group Package Severity Type
29 Jan 2019 ASA-201901-18 AVG-860 ghostscript High sandbox escape