Astra Linux - уязвимость в cups

CUPS is a standards-based, open-source printing system, and libppd can be used for supporting legacy PPD files. The ppdCreatePPDFromIPP2 function in libppd does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5,...

CLSA-2026-1777481673 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

CLSA-2026-1777480368 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

CLSA-2026-1777392623 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

CLSA-2026-1777042487 Fix CVE(s): CVE-2026-34980

SECURITY UPDATE: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job. - debian/patches/CVE-2026-34980.patch: filter out control characters from IPP option values in scheduler/job.c and filter out special PPD keywords in the CUPSDLOGPPD bran...

OESA-2026-1930 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers. Security Fixes: OpenPrinting CUPS is an open source printing system for Linux and othe...

CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported`

...

CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

EUVD-2026-19805

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

MiracleLinux 9 : cups-2.3.3op2-31.el9 (AXSA:2024-9124:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9124:11 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : cups-filters-1.28.7-17.el9_4 (AXSA:2024-8862:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8862:03 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API...

MiracleLinux 8 : cups-filters-1.20.0-35.el8_10 (AXSA:2024-8879:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8879:04 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API...

MiracleLinux 3 : foomatic-3.0.2-47.3AX (AXSA:2011-294:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-294:01 advisory. Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate driver...

MiracleLinux 8 : cups-2.2.6-62.el8_10 (AXSA:2025-9531:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9531:01 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file CVE-2024-47175 Tenable has extracted the preceding description block directly...

TencentOS Server 3: cups (TSSA-2025:0028)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0028 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2017-6853

Malware in sbrugna...

EUVD-2011-2932

Malware in sbrugna...

EUVD-2011-2678

Malware in sbrugna...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups-filters (SUSE-SU-2025:03225-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03225-1 advisory. - CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PP...

SUSE-SU-2025:03225-1 Security update for cups-filters

This update for cups-filters fixes the following issues: - CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932...