OESA-2023-1734 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers.. Security Fixes: Due to failure in validating the length provided by an attacker-craft...

UBUNTU-CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

OpenPrinting CUPS Buffer Error Vulnerability

OpenPrinting CUPS is a standards-based, open source printing system for Linux® and other Unix®-like operating systems from OpenPrinting, Inc. A security vulnerability exists in OpenPrinting CUPS that stems from an inability to verify the length of a CUPS document produced by an attacker, resultin...

cups-filters security update

An update is available for cups-filters. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cups-filters package contains back ends, filters, and other software...

cups: Information leak through Cups-Get-Document operation

A vulnerability was found in OpenPrinting CUPS. Unauthorized users are permitted to fetch documents over local or remote networks, leading to confidentiality breach...

Important: Red Hat Security Advisory: cups security update

An update for cups is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

The vulnerability of the format_log_line() function in the CUPS printing server allows a attacker to cause a service failure.

The vulnerability of the formatlogline function in the CUPS printing server is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Important: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

USN-6128-1 cups vulnerability

It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code...

SUSE CVE-2007-0720

The CUPS service on multiple platforms allows remote attackers to cause a denial of service service hang via a "partially-negotiated" SSL connection, which prevents other requests from being accepted...

SUSE CVE-2007-4045

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation...

SUSE CVE-2008-1374

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888...

Important: Red Hat Security Advisory: cups security update

An update for cups is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: cups security and bug fix update

An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

The vulnerability of the CUPS printing system relates to the occurrence of operations outside the buffer in memory. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CUPS printing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

cups: stack-buffer-overflow in libcups's asn1_get_packed function

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

Denial Of Service (DoS)

The Common UNIX Printing System CUPS is vulnerable to Denial of Service DoS. A use-after-free flaw was found in the way CUPS handled references in its file descriptors-handling interface. A remote attacker could, in a specially-crafted way, query for the list of current print jobs for a specific...

Denial Of Service (DoS)

The Common UNIX Printing System CUPS is vulnerable to Denial Of Service DoS. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users...

Access Restriction Bypass

The Common UNIX Printing System CUPS is vulnerable to local privilege escalation to root due to insecure environment variable handling...

CVE-2012-6094

CVE-2012-6094 affects the Common UNIX Printing System (CUPS). The issue is that the option to listen on localhost:631 is not honored, which could allow unauthorized access to the system’s web-based admin interface. Publicly documented mitigations include patches in cups updates (e.g., openSUSE cu...