CVE-2023-44464
HIGH7.8EPSS 0.18%pretix allows Pillow to parse EPS files
發布日:2023/9/29修改日:2024/11/28
描述
pretix before 2023.7.2 allows Pillow to parse EPS files.
受影響套件(1)
- PyPI/pretixfrom 0, < 2023.7.2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
參考連結(7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-44464
- PATCHhttps://github.com/pretix/pretix
- WEBhttps://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e
- WEBhttps://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2
- WEBhttps://github.com/pretix/pretix/tags
- WEBhttps://pretix.eu/about/de/blog/20230912-release-2023-7-2
- WEBhttps://pretix.eu/about/en/ticketing