CVE-2023-44464
HIGH7.8EPSS 0.18%pretix allows Pillow to parse EPS files
Published: 9/29/2023Modified: 11/28/2024
Also known as:GHSA-9jvx-p6mq-fw4v
Description
pretix before 2023.7.2 allows Pillow to parse EPS files.
Affected packages (1)
- PyPI/pretixfrom 0, < 2023.7.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
References (7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-44464
- PATCHhttps://github.com/pretix/pretix
- WEBhttps://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e
- WEBhttps://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2
- WEBhttps://github.com/pretix/pretix/tags
- WEBhttps://pretix.eu/about/de/blog/20230912-release-2023-7-2
- WEBhttps://pretix.eu/about/en/ticketing