MiracleLinux 8 : cups-2.2.6-40.el8 (AXSA:2021-2667:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2667:04 advisory. cups: access to uninitialized buffer in ipp.c CVE-2020-10001 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Out-of-bounds

In ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40112

CVE-2023-40112 describes a likely out-of-bounds read in the printer subsystem: the function ippSetValueTag in ipp.c performs a missing bounds check, potentially allowing local disclosure of past print jobs or other print-related data. Exploitation is described as local (no remote access) with no ...

ASB-A-168903843

In ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. User interaction is not needed for exploitation...

CLSA-2022-1643198602 Fix of CVE: CVE-2020-10001

CVE-2020-10001: 1927452 cups: access to uninitialized buffer in ipp.c rhel-8...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2021-1996)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : cups (EulerOS-SA-2020-1461)

According to the versions of the cups package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by...

CVE-2017-18248

The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification...

[slackware-security] cups

CUPS was found to contain errors in ipp.c which could allow a remote attacker to crash CUPS, resulting in a denial of service. If you use CUPS, it is recommended to update to the latest package for your version of Slackware. The latest cups package is available for Slackware -current, and patched...