| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2023-44464
Vulnerability Database
pypi
CVE-2023-44464
Base Score
HIGH
7.8
CVE-2023-44464
pretix before 2023.7.2 allows Pillow to parse EPS files.
Vector
LOCAL
Published By
cve@mitre.org
Published Date
Sep 29, 2023, 05:15
Affected Versions
(1)
pretix
(PyPI)
Introduced
0
Fixed
2023.7.2
Limit
N/A
Package (Ecosystem)
Introduced
Fixed
Limit
pretix
(PyPI)
0
2023.7.2
N/A
Weakness Type (CWE)
:
NVD-CWE-noinfo
CVSS Metrics
CVSS v3.1
Base Score
7.8
Vector String
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
References
https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e
https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2
https://github.com/pretix/pretix/tags
https://pretix.eu/about/de/blog/20230912-release-2023-7-2/
https://pretix.eu/about/en/ticketing
Base Score
HIGH
7.8
Weakness Type (CWE)
:
NVD-CWE-noinfo
CVSS Metrics
CVSS v3.1
Base Score
7.8
Vector String
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
