OPENSUSE-SU-2026:20812-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

Amazon Linux 2023 : cups, cups-client, cups-devel (ALAS2023-2026-1668)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1668 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass...

CLSA-2026-1778163112 Update of cups

Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...

Important: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside...

Fedora 42 : cups (2026-34454fdb74)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-34454fdb74 advisory. 2.4.17 - security fixes for CVE-2026-39316, CVE-2026-39314, CVE-2026-34979, CVE-2026-34990, CVE-2026-27447, CVE-2026-34978 Tenable has extracted the...

Slackware Linux 15.0 / current cups Multiple Vulnerabilities (SSA:2026-107-01)

The version of cups installed on the remote host is prior to 2.4.17. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-107-01 advisory. New cups packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

openSUSE 16 Security Update : cups (openSUSE-SU-2026:20172-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20172-1 advisory. Update to version 2.4.16. Security issues fixed: - CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues bsc1253783. ...

MiracleLinux 8 : cups-2.2.6-66.el8_10 (AXSA:2026-042:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-042:02 advisory. CUPS: Local denial-of-service via cupsd.conf update and related issues CVE-2025-61915 cups: Slow client communication leads to a possible DoS attack...

MiracleLinux 4 : cups-1.4.2-67.1.0.1.AXS4 (AXSA:2015-156:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-156:01 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to...

MiracleLinux 3 : cups-1.3.7-11.6.0.1.AXS3 (AXSA:2010-142:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-142:01 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a...

MiracleLinux 8 : cups-2.2.6-63.el8_10 (AXSA:2025-10849:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10849:06 advisory. cups: Authentication Bypass in CUPS Authorization Handling CVE-2025-58060 Tenable has extracted the preceding description block directly from the MiracleLin...

Advisory ROSA-SA-2025-3055

Software: cups 2.2.6 OS: ROSA Virtualization 3.1 unaffected versions = cups-2.2.6-63.rv31 affected versions cups-2.2.6-63.rv31 CVE-ID: CVE-2025-58060 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication procedure...

Advisory ROSA-SA-2025-3041

Software: cups 2.2.6 OS: ROSA Virtualization 3.0 unaffected versions = cups-2.2.6-63.rv30 affected versions cups-2.2.6-63.rv30 CVE-ID: CVE-2025-58060 BDU-ID: 2025-11019 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication...

Slackware Linux 15.0 / current cups Multiple Vulnerabilities (SSA:2025-255-01)

The version of cups installed on the remote host is prior to 2.4.14. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-255-01 advisory. New cups packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2011-3170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote...

cups-browsed Information Disclosure

Retrieve CUPS version and kernel version information from cups-browsed services. Module Options msf use auxiliary/scanner/misc/cupsbrowsedinfodisclosure msf auxiliarycupsbrowsedinfodisclosure show actions ...actions... msf auxiliarycupsbrowsedinfodisclosure set ACTION msf...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2024-1135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : cups (EulerOS-SA-2023-3266)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based...

EulerOS 2.0 SP10 : cups (EulerOS-SA-2023-3203)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based...

EulerOS 2.0 SP11 : cups (EulerOS-SA-2023-3238)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based...