Lucene search
K

7 matches found

CVE
CVE
added 2022/05/26 5:47 p.m.1055 views

CVE-2022-26691

CVE-2022-26691 is a privilege-escalation issue in the CUPS printing system caused by a logic error in local authorization. Connected documentation shows affected packages across multiple distributions and versions, with patches released: e.g., cups

7.2CVSS6.1AI score0.00579EPSS
CVE
CVE
added 2023/09/21 10:47 p.m.540 views

CVE-2023-4504

CVE-2023-4504 affects the OpenPrinting CUPS stack and its libppd component, caused by a failure to validate the length of an attacker-crafted PPD PostScript document. This leads to a heap-based buffer overflow, with potential for code execution as described in the fixed release notes. The vulnera...

7CVSS7.6AI score0.00663EPSS
CVE
CVE
added 2025/09/11 5:6 p.m.449 views

CVE-2025-58060

Summary: CVE-2025-58060 affects OpenPrinting CUPS and related package updates across Linux distributions, allowing authentication bypass when AuthType is not Basic but the request carries an Authorization: Basic header. The root cause is improper validation in cupsdAuthorize(), which can bypass p...

8CVSS6.7AI score0.00964EPSS
CVE
CVE
added 2025/11/29 2:15 a.m.73 views

CVE-2025-58436

OpenPrinting CUPS (printing system) is affected by CVE-2025-58436 prior to version 2.4.15, where a slow client communicating with cupsd could cause the daemon to become unusable for other clients (DoS). The issue has been patched in 2.4.15; multiple advisories reference upgrading to a newer CUPS ...

5.5CVSS6.5AI score0.00195EPSS
CVE
CVE
added 2025/09/11 5:26 p.m.52 views

CVE-2025-58364

OpenPrinting CUPS (versions ≤ 2.4.12) contains a vulnerability where unsafe deserialization/validation of printer attributes leads to a null dereference in libcups, causing remote DoS. Several connected advisories corroborate this, noting local-network exposure in default configurations and that ...

6.5CVSS6.8AI score0.01063EPSS
CVE
CVE
added 2025/11/29 2:15 a.m.47 views

CVE-2025-61915

CVE-2025-61915 affects OpenPrinting CUPS. A user in the lpadmin group can use the cups web UI to alter cupsd.conf, which the root-running cupsd then parses, causing an out-of-bounds write. Impact exists locally (privileges required: HIGH) with potential DoS/compromised availability; patched in ve...

6.7CVSS6.5AI score0.00409EPSS
CVE
CVE
added 2026/04/24 4:54 p.m.31 views

CVE-2026-41079

OpenPrinting CUPS (prior to 2.4.17) is vulnerable to a network-adjacent attacker who can send a crafted SNMP response to the CUPS SNMP backend, causing an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is interpreted from UTF-16 to UTF-8 and stored as printer supply ...

5.4CVSS5.3AI score0.00409EPSS