CVE-2023-44464

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 29, 2023

Updated: Oct 12, 2023

Summary

CVE-2023-44464 is a vulnerability affecting pretix before version 2023.7.2. This issue permits the Pillow library to parse EPS (Encapsulated PostScript) files in pretix, potentially leading to arbitrary code execution if a specially crafted EPS file is opened. An attacker could exploit this vulnerability to gain unauthorized access or cause damage to the targeted system. Users are advised to update pretix to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Rami Pretix

Affected Vendors

RAMI

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0_dFJ
https://www.cve.org/CVERecord?id=CVE-2023-44464
https://nvd.nist.gov/vuln/detail/CVE-2023-44464

Back to Vulnerability Database