Tools like ImageMagick commonly accept graphics in PostScript format, which they render through Ghostscript. Trouble is, there are holes in Ghostscript that can be exploited by malicious parties. In short, you should not be accepting PostScript data from untrusted parties. The fact that PostScript is a full programming language just makes it harder -- in terms of vulnerability exposure, it’s similar to JavaScript, except that I think a lot more effort has gone into securing the latter. <https://www.theregister.co.uk/2018/08/23/imagemagick_ghostscript/>