Количество 38
Количество 38
GHSA-phc2-g348-384g
CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.)
BDU:2024-09520
Уязвимость службы cups-browsed сервера печати CUPS, позволяющая нарушителю вызывать отказ в обслуживании
CVE-2024-47076
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
CVE-2024-47076
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
CVE-2024-47076
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
CVE-2024-47076
CUPS is a standards-based, open-source printing system, and `libcupsfi ...
CVE-2024-47175
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
CVE-2024-47175
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
CVE-2024-47175
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
CVE-2024-47175
CUPS is a standards-based, open-source printing system, and `libppd` c ...
BDU:2024-07644
Уязвимость функции cfGetPrinterAttributes5 библиотеки libcupsfilters сервера печати CUPS, позволяющая нарушителю раскрыть защищаемую информацию
SUSE-SU-2025:03225-1
Security update for cups-filters
RLSA-2025:0083
Low: cups security update
RLSA-2024:9470
Low: cups security update
ELSA-2025-0083
ELSA-2025-0083: cups security update (LOW)
ELSA-2024-9470
ELSA-2024-9470: cups security update (LOW)
BDU:2024-07645
Уязвимость функции ppdCreatePPDFromIPP2 библиотеки libppd сервера печати CUPS, позволяющая нарушителю записывать произвольные данные
SUSE-SU-2025:03261-1
Security update for cups
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-phc2-g348-384g CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.) | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | BDU:2024-09520 Уязвимость службы cups-browsed сервера печати CUPS, позволяющая нарушителю вызывать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-47076 CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. | CVSS3: 8.6 | 74% Высокий | около 1 года назад |
 | CVE-2024-47076 CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. | CVSS3: 8.2 | 74% Высокий | около 1 года назад |
 | CVE-2024-47076 CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. | CVSS3: 8.6 | 74% Высокий | около 1 года назад |
| CVE-2024-47076 CUPS is a standards-based, open-source printing system, and `libcupsfi ... | CVSS3: 8.6 | 74% Высокий | около 1 года назад |
| CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. | CVSS3: 8.6 | 29% Средний | около 1 года назад |
| CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. | CVSS3: 7.7 | 29% Средний | около 1 года назад |
| CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. | CVSS3: 8.6 | 29% Средний | около 1 года назад |
| CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` c ... | CVSS3: 8.6 | 29% Средний | около 1 года назад |
| BDU:2024-07644 Уязвимость функции cfGetPrinterAttributes5 библиотеки libcupsfilters сервера печати CUPS, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 6.8 | 74% Высокий | около 1 года назад |
 | SUSE-SU-2025:03225-1 Security update for cups-filters | 29% Средний | около 2 месяцев назад | |
 | RLSA-2025:0083 Low: cups security update | 29% Средний | 10 месяцев назад | |
| RLSA-2024:9470 Low: cups security update | 29% Средний | 8 месяцев назад | |
| ELSA-2025-0083 ELSA-2025-0083: cups security update (LOW) | 10 месяцев назад | ||
| ELSA-2024-9470 ELSA-2024-9470: cups security update (LOW) | 12 месяцев назад | ||
| BDU:2024-07645 Уязвимость функции ppdCreatePPDFromIPP2 библиотеки libppd сервера печати CUPS, позволяющая нарушителю записывать произвольные данные | CVSS3: 6.8 | 29% Средний | около 1 года назад |
| SUSE-SU-2025:03261-1 Security update for cups | около 2 месяцев назад |
Уязвимостей на страницу