cups: Local privilege escalation to root due to insecure environment variable handling

It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the...

The vulnerability of the CUPS printing server, related to authentication errors, allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the CUPS printing server is related to the SetEnv and PassEnv directives. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges...