CVE-2023-44464

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-44464
pretix before 2023.7.2 allows Pillow to parse EPS files.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e Patch
https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 Patch
https://github.com/pretix/pretix/tags Release Notes
https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ Vendor Advisory
https://pretix.eu/about/en/ticketing Product
https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e Patch
https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 Patch
https://github.com/pretix/pretix/tags Release Notes
https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ Vendor Advisory
https://pretix.eu/about/en/ticketing Product
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*
cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*
cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*
History

21 Nov 2024, 08:25

Type Values Removed Values Added
References () https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e - Patch () https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e - Patch
References () https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 - Patch () https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 - Patch
References () https://github.com/pretix/pretix/tags - Release Notes () https://github.com/pretix/pretix/tags - Release Notes
References () https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ - Vendor Advisory () https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ - Vendor Advisory
References () https://pretix.eu/about/en/ticketing - Product () https://pretix.eu/about/en/ticketing - Product

12 Oct 2023, 02:47

Type Values Removed Values Added
References (CONFIRM) https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ - (CONFIRM) https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ - Vendor Advisory

04 Oct 2023, 20:15

Type Values Removed Values Added
References
  • (CONFIRM) https://pretix.eu/about/de/blog/20230912-release-2023-7-2/ -

02 Oct 2023, 12:51

Type Values Removed Values Added
First Time Rami pretix
Rami
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*
References (MISC) https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 - (MISC) https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 - Patch
References (MISC) https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e - (MISC) https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e - Patch
References (MISC) https://github.com/pretix/pretix/tags - (MISC) https://github.com/pretix/pretix/tags - Release Notes
References (MISC) https://pretix.eu/about/en/ticketing - (MISC) https://pretix.eu/about/en/ticketing - Product

29 Sep 2023, 05:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-09-29 05:15

Updated : 2024-11-21 08:25

NVD link : CVE-2023-44464

Mitre link : CVE-2023-44464

CVE.ORG link : CVE-2023-44464

JSON object : View

Products Affected

rami

  • pretix
CWE
NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024