75 matches found
OESA-2026-2197 cups security update
CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers. Security Fixes: OpenPrinting CUPS is an open source printing system for Linux and othe...
CVE-2026-41079
OpenPrinting CUPS (prior to 2.4.17) is vulnerable to a network-adjacent attacker who can send a crafted SNMP response to the CUPS SNMP backend, causing an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is interpreted from UTF-16 to UTF-8 and stored as printer supply ...
EUVD-2026-25574
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...
CVE-2026-39314
A flaw was found in CUPS, an open-source printing system. An unprivileged local user can exploit an integer underflow vulnerability by providing a negative job-password-supported Internet Printing Protocol IPP attribute. This manipulation causes the cupsd root process to crash, which can be...
UBUNTU-CVE-2026-34979
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, there is a heap-based buffer overflow in the CUPS scheduler when building filter option strings from job attribute. At time of publication, there are no publicly...
CVE-2026-34978
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside CacheDir/rss...
CVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache)
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside CacheDir/rss...
MiracleLinux 3 : cups-1.3.7-11.3.1AXS3 (AXSA:2009-414:03)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-414:03 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to...
cups: Slow client communication leads to a possible DoS attack
A flaw was found in cups. A client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients...
Medium: cups-filters
Issue Overview: CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and...
RLSA-2025:22063 Moderate: cups security update
The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS CVE-2025-58364 For more details about the security issues, including the impact, a CVSS...
UBUNTU-CVE-2025-61915
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config a...
CLSA-2025-1760984077 cups: Fix of CVE-2025-58364
CVE-2025-58364: fix handling of extension tag in ippreadio...
RHEL 8 : cups (RHSA-2025:17164)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:17164 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups:...
OESA-2025-2334 cups security update
CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers. Security Fixes: 'Hi all,\n\nthere is important security vulnerability in...
CVE-2025-58060
Summary: CVE-2025-58060 affects OpenPrinting CUPS and related package updates across Linux distributions, allowing authentication bypass when AuthType is not Basic but the request carries an Authorization: Basic header. The root cause is improper validation in cupsdAuthorize(), which can bypass p...
PT-2025-37253
Name of the Vulnerable Software and Affected Versions: CUPS versions 2.4.12 and earlier Description: CUPS Common Unix Printing System is an open-source printing system for Linux and Unix-like operating systems. Versions 2.4.12 and earlier are susceptible to a remote denial of service due to unsaf...
TencentOS Server 3: cups (TSSA-2022:0154)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0154 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Huawei EulerOS: Security Advisory for cups-filters (EulerOS-SA-2025-1118)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
cups: libppd: remote command injection via attacker controlled data in PPD file
A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...