Ghostscript/ImageMagick remote code execution vulnerability
Incident Report for Pantheon Operations
Resolved
Pantheon is aware of the CERT Ghostscript vulnerability VU#332928 [1]. There is currently no patch available and Pantheon has not taken any action to remediate. We advise you to disable access to image processing to untrusted users if your site uses ImageMagick or Ghostscript directly. See the Pantheon External Libraries documentation [2] for more information on configuring ImageMagick.

[1] - https://www.kb.cert.org/vuls/id/332928
[2] - https://pantheon.io/docs/external-libraries/
Posted 10 months ago. Aug 29, 2018 - 09:39 PDT