Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-vp74-83h5-6967

Опубликовано: 29 апр. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

EPSS

Процентиль: 65%
0.00487
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-178

Связанные уязвимости

CVSS3: 9.8
ubuntu
больше 20 лет назад

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

redhat
больше 21 года назад

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

CVSS3: 9.8
nvd
больше 20 лет назад

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

CVSS3: 9.8
debian
больше 20 лет назад

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as cas ...

EPSS

Процентиль: 65%
0.00487
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-178