Pretix Before 2024.1.1 Has File Validation Vulnerability
CVE-2024-27447

9.8CRITICAL

Key Information:

Vendor: pretix
Status: Pretix
Vendor: CVE Published:; 26 February 2024

What is CVE-2024-27447?

The Pretix Event Ticketing System suffers from a vulnerability that affects its file validation processes prior to version 2024.1.1. This flaw allows the potential for malicious files to be incorrectly validated, potentially leading to unauthorized access or manipulation. Organizations utilizing versions before 2024.1.1 should prioritize updating their systems to mitigate risks associated with this oversight.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/pretix/pretix/compare/v2023.10.2...v20...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 26, 2024
Vulnerability Reserved
Feb 26, 2024

JSON

pretix

What is CVE-2024-27447?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.