Security update for cups

This update for cups fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. CVE-2025-58060: no password check when AuthType is se...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : CUPS vulnerabilities (USN-7745-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7745-1 advisory. It was discovered that CUPS incorrectly handled authentication types other than Basic. An attacke...

CVE-2025-10472 harry0703 MoneyPrinterTurbo URL video.py stream_video path traversal

A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function downloadvideo/streamvideo of the file app/controllers/v1/video.py of the component URL Handler. The manipulation of the argument filepath leads to path traversal. The attack can be...

SUSE SLES12 Security Update : cups (SUSE-SU-2025:03178-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03178-1 advisory. - CVE-2025-58060: no password check when AuthType is set to anything but Basic and a request is made with an Authorization: Basic header...

FreeBSD : cups -- security vulnerabilities (3aee6703-8ff6-11f0-b8da-589cfc10a551)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3aee6703-8ff6-11f0-b8da-589cfc10a551 advisory. OpenPrinting reports: When the AuthType is set to anything but Basic, if the request contains ...

CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58364

OpenPrinting CUPS (versions ≤ 2.4.12) contains a vulnerability where unsafe deserialization/validation of printer attributes leads to a null dereference in libcups, causing remote DoS. Several connected advisories corroborate this, noting local-network exposure in default configurations and that ...

CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

Security update for cups

This update for cups fixes the following issues: CVE-2025-58060: no password check when AuthType is set to anything but Basic and a request is made with an Authorization: Basic header bsc1249049. CVE-2025-58364: unsafe deserialization and validation of printer attributes leads to NULL pointer...

USN-7745-1: CUPS vulnerabilities

It was discovered that CUPS incorrectly handled authentication types other than Basic. An attacker could possibly use this issue to bypass authentication. CVE-2025-58060 It was discovered that CUPS incorrectly handled deserialization and validation of printer attributes. An attacker could possibl...

USN-7745-1 cups vulnerabilities

It was discovered that CUPS incorrectly handled authentication types other than Basic. An attacker could possibly use this issue to bypass authentication. CVE-2025-58060 It was discovered that CUPS incorrectly handled deserialization and validation of printer attributes. An attacker could possibl...

OpenPrinting CUPS 代码问题漏洞

OpenPrinting CUPS is a standards-based open source printing system for Linux® and other Unix®-like operating systems from OpenPrinting, Inc. A code issue vulnerability exists in OpenPrinting CUPS versions 2.4.12 and earlier that stems from improper deserialization and validation of printer...

cups -- security vulnerabilities

OpenPrinting reports: When the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. An unsafe deserialization and validation of printer attributes, causes null dereference in libcups library...

Lexmark 安全漏洞

Lexmark is a line of printers from Lexmark, USA. A security vulnerability exists in Lexmark that stems from the vulnerability of the embedded web server to a server-side request forgery attack, which could lead to internal network access...

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.)

...

Linux Distros Unpatched Vulnerability : CVE-2024-45062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buff...