pkg:PyPI/pretix

All known vulnerabilities

• HIGH7.8CVE-2023-44464pretix allows Pillow to parse EPS files
  from 0, < 2023.7.2
• HIGH7.5CVE-2023-27891Insufficient Session Expiration in pretix
  from 0, < 4.17.1
• HIGH7.5CVE-2023-27891Insufficient Session Expiration in pretix
  >= 4.17.0, < 4.17.1
• MEDIUM6.1pretix has Email Content Injection Through Maliciously Formatted Names
  >= 1.0.0, < 2025.7.3
• MEDIUM6.1pretix has Email Content Injection Through Maliciously Formatted Names
  >= 1.0.0, < 2025.7.2
• MEDIUM5.9pretix unsafely evaluates variables in emails
  >= 4.16.0, < 2026.1.1
• MEDIUM5.9pretix unsafely evaluates variables in emails
  >= 2026.1.0, < 2026.1.1
• MEDIUM5.4pretix Stored Cross-site Scripting vulnerability
  from 0, < 2024.7.1
• MEDIUM5.4pretix Stored Cross-site Scripting vulnerability
  from 0, < 2024.7.1
• MEDIUM5.3pretix potential IP address spoofing vulnerability
  from 0, < 2023.7.1
• MEDIUM5.3pretix potential IP address spoofing vulnerability
  from 0, < ccdce2ccb8207b82501af3c03f50abc0f819b469 | from 0, < 2023.7.1
• MEDIUM4.3pretix: API leaks check-in data between events of the same organizer
  >= 2026.3.0, < 2026.3.1
• MEDIUM4.3pretix: API leaks check-in data between events of the same organizer
  >= 2025.10.0, < 2026.1.2, >= 2026.2.0, < 2026.2.1, >= 2026.3.0, < 2026.3.1
• —pretix has Broken Access Control Allowing Cross-User File Access via UUID
  >= 2025.10.0, < 2025.10.1
• —pretix has Broken Access Control Allowing Cross-User File Access via UUID
  >= 2025.10.0, < 2025.10.1
• —pretix mishandles file validation
  from 0, < 2024.1.1
• —pretix mishandles file validation
  from 0, < 2024.1.1