Lucene search
K

125 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and earlier, there was an integer underflow vulnerability in the ppdCreateFromIPP function cups/ppd-cache.c. This vulnerability allowed any unprivileged local user to crash the...

6.2CVSS5.8AI score0.00154EPSS
Exploits1References2
OSV
OSV
added 2026/05/22 7:53 a.m.15 views

CLSA-2026-1779436377 cups: Fix of CVE-2026-27447

CVE-2026-27447: fix authorization bypass in cupsd by replacing case-insensitive username comparisons with byte-exact strcmp against pw-pwname; also include upstream follow-up commit 849fba7d "Fix unauthenticated print policies", Issue 1557 to restore behavior for CUPSDAUTHNONE policies with named...

6.3CVSS5.8AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2026/05/08 3:13 p.m.9 views

CLSA-2026-1778253061 Fix CVE(s): CVE-2026-27447

SECURITY UPDATE: fix authorization bypass in cupsd caused by case-insensitive comparison of local user and group names. - debian/patches/CVE-2026-27447.patch: compare usernames against the canonical pwname from getpwnam with strcmp in cupsdCheckGroup and cupsdIsAuthorized in scheduler/auth.c;...

6.3CVSS5.8AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2026/04/28 4:14 p.m.33 views

CLSA-2026-1777392877 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

7.5CVSS6.4AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2026/04/17 1:0 p.m.13 views

OESA-2026-1930 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers. Security Fixes: OpenPrinting CUPS is an open source printing system for Linux and othe...

6.2CVSS5.8AI score0.00178EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: cups (UTSA-2026-007174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007174 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coer...

7.8CVSS6.2AI score0.00289EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2026/04/09 8:1 a.m.6 views

CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported`

...

6.2CVSS5.7AI score0.00154EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/08 11:24 p.m.7 views

SUSE CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

5.5CVSS5.8AI score0.00154EPSS
Exploits1References8
NVD
NVD
added 2026/04/07 5:16 p.m.7 views

CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

6.2CVSS0.00154EPSS
Exploits1References1
OSV
OSV
added 2026/04/07 5:16 p.m.6 views

ALPINE-CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

6.2CVSS5.3AI score0.00154EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/07 4:59 p.m.21 views

CVE-2026-39314 CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported`

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

4CVSS0.00154EPSS
Exploits1References1
CVE
CVE
added 2026/04/07 4:59 p.m.49 views

CVE-2026-39314

OpenPrinting CUPS (CVE-2026-39314) is vulnerable in versions 2.4.16 and prior. The root cause is an integer underflow in _ppdCreateFromIPP (cups/ppd-cache.c): a negative job-password-supported IPP attribute passes bounds checks, is cast to size_t, and is used as a length in memset() on a 33-byte ...

6.2CVSS5.9AI score0.00154EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.9 views

PT-2026-30924

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions 2.4.16 and prior Description OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. An integer underflow in the ppdCreateFromIPP function cups/ppd-cache.c allows a local...

7.8CVSS5.8AI score0.00502EPSS
Exploits7References59
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd wi...

7.5CVSS6.9AI score0.00502EPSS
Exploits1References4
NVD
NVD
added 2026/04/03 10:16 p.m.15 views

CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS0.00289EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/04/03 9:18 p.m.5 views

CVE-2026-34980

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server...

7.5CVSS5.8AI score0.00502EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.3 views

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connected to cupsd but sent very slow messages—for example, only one byte per second—could cause cupsd to become unusable for other clients. This issue has...

5.5CVSS6AI score0.00195EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: cups (UTSA-2026-005326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005326 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sen...

5.5CVSS5.5AI score0.00195EPSS
Exploits1References4
OSV
OSV
added 2026/01/29 1:32 p.m.8 views

CLSA-2026-1769693558 cups: Fix of CVE-2025-58436

CVE-2025-58436: fix issue where slow messages could delay cupsd...

5.5CVSS5.8AI score0.00195EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : cups-2.2.6-66.el8_10 (AXSA:2026-042:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-042:02 advisory. CUPS: Local denial-of-service via cupsd.conf update and related issues CVE-2025-61915 cups: Slow client communication leads to a possible DoS attack...

6.7CVSS5.5AI score0.00409EPSS
Exploits2References3
Rows per page
Query Builder