Search criteria
19 vulnerabilities found for CUPS by OpenPrinting
VAR-202205-1953
Vulnerability from variot - Updated: 2025-12-22 22:13A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. macOS contains an improper comparison vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This security vulnerability occurs when local authorization happens. This flaw allows an malicious user to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution. (CVE-2022-26691). OADP enables both file system-based and snapshot-based backups for persistent volumes. Bugs fixed (https://bugzilla.redhat.com/):
2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
- JIRA issues fixed (https://issues.jboss.org/):
OADP-145 - Restic Restore stuck on InProgress status when app is deployed with DeploymentConfig OADP-154 - Ensure support for backing up resources based on different label selectors OADP-194 - Remove the registry dependency from OADP OADP-199 - Enable support for restore of existing resources OADP-224 - Restore silently ignore resources if they exist - restore log not updated OADP-225 - Restore doesn't update velero.io/backup-name when a resource is updated OADP-234 - Implementation of incremental restore OADP-324 - Add label to Expired backups failing garbage collection OADP-382 - 1.1: Update downstream OLM channels to support different x and y-stream releases OADP-422 - [GCP] An attempt of snapshoting volumes on CSI storageclass using Velero-native snapshots fails because it's unable to find the zone OADP-423 - CSI Backup is not blocked and does not wait for snapshot to complete OADP-478 - volumesnapshotcontent cannot be deleted; SnapshotDeleteError Failed to delete snapshot OADP-528 - The volumesnapshotcontent is not removed for the synced backup OADP-533 - OADP Backup via Ceph CSI snapshot hangs indefinitely on OpenShift v4.10 OADP-538 - typo on noDefaultBackupLocation error on DPA CR OADP-552 - Validate OADP with 4.11 and Pod Security Admissions OADP-558 - Empty Failed Backup CRs can't be removed OADP-585 - OADP 1.0.3: CSI functionality is broken on OCP 4.11 due to missing v1beta1 API version OADP-586 - registry deployment still exists on 1.1 build, and the registry pod gets recreated endlessly OADP-592 - OADP must-gather add support for insecure tls OADP-597 - BSL validation logs OADP-598 - Data mover performance on backup blocks backup process OADP-599 - [Data Mover] Datamover Restic secret cannot be configured per bsl OADP-600 - Operator should validate volsync installation and raise warning if data mover is enabled OADP-602 - Support GCP for openshift-velero-plugin registry OADP-605 - [OCP 4.11] CSI restore fails with admission webhook \"volumesnapshotclasses.snapshot.storage.k8s.io\" denied OADP-607 - DataMover: VSB is stuck on SnapshotBackupDone OADP-610 - Data mover fails if a stale volumesnapshot exists in application namespace OADP-613 - DataMover: upstream documentation refers wrong CRs OADP-637 - Restic backup fails with CA certificate OADP-643 - [Data Mover] VSB and VSR names are not unique OADP-644 - VolumeSnapshotBackup and VolumeSnapshotRestore timeouts should be configurable OADP-648 - Remove default limits for velero and restic pods OADP-652 - Data mover VolSync pod errors with Noobaa OADP-655 - DataMover: volsync-dst-vsr pod completes although not all items where restored in the namespace OADP-660 - Data mover restic secret does not support Azure OADP-698 - DataMover: volume-snapshot-mover pod points to upstream image OADP-715 - Restic restore fails: restic-wait container continuously fails with "Not found: /restores//.velero/" OADP-716 - Incremental restore: second restore of a namespace partially fails OADP-736 - Data mover VSB always fails with volsync 0.5
For the oldstable distribution (buster), this problem has been fixed in version 2.2.10-6+deb10u6.
For the stable distribution (bullseye), this problem has been fixed in version 2.3.3op2-3+deb11u2.
We recommend that you upgrade your cups packages.
For the detailed security status of cups please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cups
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKP0LQACgkQEMKTtsN8 TjazShAAuLbe1vQOBAX5nUuVTW4fk96gzx899Aep8Wl4AWFmLRSWzdpPVeIEuWei wgQycz4YFzKNr+FeCBIx5ZwnmddPd30RYFQjgkUg/UbFD2z3yifT5M3OQRpgsE4+ EWGPR8V2vZEw+20H22ZhtXGzPiwM+czt120v2mBX2Zf2xOtPLAFtVcLJN5PJsgfO hEgHn5zUwumqYEzD7kZNgT98eHtrUvwO3nCveOXWzR4dMD/KgMmCGQIQi+dawEef JJNRgvqIgb2sqxxYPHlq/IHQ5H7/NeYfqsHZxf2sRcRRu3XVYql4wMOiegZRk3xz +inf0V4GbVBiMfjDJYv3WnsGzm7W4I6rMTfhSq783yXSh6AUt2l/u6xoc7ca6vvd lTk5l/9ZhsFxzWdAgUA7ceqmciXCE+yTGaRDw4yP05Vp4cTBKggOz7dws5t75ixH /JHwyVQ72AtFiMkMgRjKv8+zP0FbWiOrS3EDyvCjP3vx69dXie2Z1/HvGtoaFY4f HgjAbq2i+f8umwYvcf8cdErjRz9CIX09+TuX/J/M1D8X5TNw4KRx3DChca+o94+Q ZNznkpoCnMVfmUe83P8PgcGLMD0hGai5AnjlroDJyvZn3aD84PVLdDY35wnR/6eq DyB81widY5C9SURR/CUWXx2F1NaWLmAsQbLttlFLwzVqUTf76j8= =jd0o -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-5454-2 May 31, 2022
cups vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. (CVE-2022-26691)
It was discovered that CUPS incorrectly handled certain memory operations when handling IPP printing. A remote attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-8842, CVE-2020-10001)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: cups 2.1.3-4ubuntu0.11+esm1
In general, a standard system update will make all the necessary changes. Solution:
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes:
https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html
For Red Hat OpenShift Logging 5.4, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html
- Bugs fixed (https://bugzilla.redhat.com/):
2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
- JIRA issues fixed (https://issues.jboss.org/):
LOG-2536 - Setting up ODF S3 for loki
LOG-2640 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated.
LOG-2757 - [release-5.4] index rollover cronjob fails on openshift-logging operator
LOG-2762 - [release-5.4]Events and CLO csv are not collected after running oc adm must-gather --image=$downstream-clo-image
LOG-2780 - Loki cannot send logs after upgrade to 5.4.3 from 5.4.2 with 'http'
LOG-2781 - OpenShift Logging Dashboard for Elastic Shards shows "active_primary" instead of "active" shards.
LOG-2786 - [release-5.4] Token not added to Vector config when forwarding logs to Lokistack with Token+CA bundle.
LOG-2791 - [release-5.4] ElasticSearch operator does not respect referencePolicy when selecting oauth-proxy image
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: cups security update Advisory ID: RHSA-2022:4990-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:4990 Issue date: 2022-06-15 CVE Names: CVE-2022-26691 =====================================================================
- Summary:
An update for cups is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64
- Description:
The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.
Security Fix(es):
- cups: authorization bypass when using "local" authorization (CVE-2022-26691)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2084321 - CVE-2022-26691 cups: authorization bypass when using "local" authorization
- Package List:
Red Hat Enterprise Linux AppStream (v. 9):
aarch64: cups-2.3.3op2-13.el9_0.1.aarch64.rpm cups-client-2.3.3op2-13.el9_0.1.aarch64.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-debugsource-2.3.3op2-13.el9_0.1.aarch64.rpm cups-devel-2.3.3op2-13.el9_0.1.aarch64.rpm cups-ipptool-2.3.3op2-13.el9_0.1.aarch64.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-lpd-2.3.3op2-13.el9_0.1.aarch64.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-printerapp-2.3.3op2-13.el9_0.1.aarch64.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm
noarch: cups-filesystem-2.3.3op2-13.el9_0.1.noarch.rpm
ppc64le: cups-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-client-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-debugsource-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-devel-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-ipptool-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-lpd-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-printerapp-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm
s390x: cups-2.3.3op2-13.el9_0.1.s390x.rpm cups-client-2.3.3op2-13.el9_0.1.s390x.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-debugsource-2.3.3op2-13.el9_0.1.s390x.rpm cups-devel-2.3.3op2-13.el9_0.1.s390x.rpm cups-ipptool-2.3.3op2-13.el9_0.1.s390x.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-lpd-2.3.3op2-13.el9_0.1.s390x.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-printerapp-2.3.3op2-13.el9_0.1.s390x.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm
x86_64: cups-2.3.3op2-13.el9_0.1.x86_64.rpm cups-client-2.3.3op2-13.el9_0.1.x86_64.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-debugsource-2.3.3op2-13.el9_0.1.i686.rpm cups-debugsource-2.3.3op2-13.el9_0.1.x86_64.rpm cups-devel-2.3.3op2-13.el9_0.1.i686.rpm cups-devel-2.3.3op2-13.el9_0.1.x86_64.rpm cups-ipptool-2.3.3op2-13.el9_0.1.x86_64.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-lpd-2.3.3op2-13.el9_0.1.x86_64.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-printerapp-2.3.3op2-13.el9_0.1.x86_64.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 9):
Source: cups-2.3.3op2-13.el9_0.1.src.rpm
aarch64: cups-client-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-debugsource-2.3.3op2-13.el9_0.1.aarch64.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-libs-2.3.3op2-13.el9_0.1.aarch64.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm
ppc64le: cups-client-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-debugsource-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-libs-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm
s390x: cups-client-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-debugsource-2.3.3op2-13.el9_0.1.s390x.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-libs-2.3.3op2-13.el9_0.1.s390x.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm
x86_64: cups-client-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-client-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-debugsource-2.3.3op2-13.el9_0.1.i686.rpm cups-debugsource-2.3.3op2-13.el9_0.1.x86_64.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-libs-2.3.3op2-13.el9_0.1.i686.rpm cups-libs-2.3.3op2-13.el9_0.1.x86_64.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-libs-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-lpd-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm cups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-26691 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYqpyONzjgjWX9erEAQivKA//a6QQWxm7i+NbhcVKNCvCXKtVa8aPt04Z mtAojP0b59ifL1QjXr1Kr+pbW/oCP2fxdB2kN1L38mMo/u2pbM3DH4xVA709RgT0 ZHrnryfYjSyRq52/y9PNfUch6tOQAYIlfq7fdLGwSp94xTX+duvkDiyH30RHPlay glx/yjQvJzzbmClvl8oTU3qQngWmfrdVQlTjf9nUu3YiAfm8DkEE/wYEksOuKaRF xXVLSHXf3KVoMIidsEJPSBxFzxrbvT5Ggk7E2A7bRrmk67s7XUuFnATq9eypVXBu CGd00xIIvDHXtgqoHFPuBexqf9PLiIJ+I4XNT/2SCAMoqr6Csw2cZ+WrHMuIN2Uy Tf7RwazB7FUEf/7+YYE1o66UGFHs19lX24r2pixgFQI5PW7WKNLNVqfkuHogACnP CmiNoV/WHwDisuqi1jaT+JB+Yy3aRsCY+gVM0T6PzOKIgUptOKnbGnGexTak1qar NMT73SOTIeh7fL3cBd3I8ZK/ZX+0PdglxCpiEJbhIKnmQwSJIkdl+gSU/6078TdO tyDqBJgn8YyoFhAliaNq42T6kIVObtHwqpHwlgTPcKkiVWS5YHzdDBrykS+Z9/Eq DDpvi2UJn6AMaRk8Gs/RRWaaTiALNIRI5ipb6fM8TRYgW/Z9lKH+rjyInN48sMRJ ZFVu8coCFgE= =V3ej -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-17
https://security.gentoo.org/
Severity: High Title: CUPS: Multiple Vulnerabilities Date: February 18, 2024 Bugs: #847625, #907675, #909018, #914781 ID: 202402-17
Synopsis
Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution.
Affected packages
Package Vulnerable Unaffected
net-print/cups < 2.4.7 >= 2.4.7
Description
Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All CUPS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-2.4.7"
References
[ 1 ] CVE-2022-26691 https://nvd.nist.gov/vuln/detail/CVE-2022-26691 [ 2 ] CVE-2023-4504 https://nvd.nist.gov/vuln/detail/CVE-2023-4504 [ 3 ] CVE-2023-32324 https://nvd.nist.gov/vuln/detail/CVE-2023-32324 [ 4 ] CVE-2023-34241 https://nvd.nist.gov/vuln/detail/CVE-2023-34241
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202402-17
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . Summary:
The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console 2040693 - ?Replication repository? wizard has no validation for name length 2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com? 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings 2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace 2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. 2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade 2061335 - [MTC UI] ?Update cluster? button is not getting disabled 2062266 - MTC UI does not display logs properly [OADP-BL] 2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend 2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x 2076593 - Velero pod log missing from UI drop down 2076599 - Velero pod log missing from downloaded logs folder [OADP-BL] 2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan 2079252 - [MTC] Rsync options logs not visible in log-reader pod 2082221 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [UI] 2082225 - non-numeric user when launching stage pods [OADP-BL] 2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments 2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods 2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels 2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL] 2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts 2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL] 2096939 - Fix legacy operator.yml inconsistencies and errors 2100486 - [MTC UI] Target storage class field is not getting respected when clusters don't have replication repo configured
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1953",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "cups",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "499.4"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "macos",
"scope": "gt",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "cups",
"scope": "lt",
"trust": 1.0,
"vendor": "openprinting",
"version": "2.4.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.3"
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "cups",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "cups",
"scope": null,
"trust": 0.8,
"vendor": "openprinting",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "168228"
},
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167845"
},
{
"db": "PACKETSTORM",
"id": "167514"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 0.5
},
"cve": "CVE-2022-26691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-26691",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-417360",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2022-26691",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-26691",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-26691",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-26691",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULHUB",
"id": "VHN-417360",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-26691",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. macOS contains an improper comparison vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This security vulnerability occurs when local authorization happens. This flaw allows an malicious user to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution. (CVE-2022-26691). OADP enables both file system-based and\nsnapshot-based backups for persistent volumes. Bugs fixed (https://bugzilla.redhat.com/):\n\n2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter\n2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode\n2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar\n2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nOADP-145 - Restic Restore stuck on InProgress status when app is deployed with DeploymentConfig\nOADP-154 - Ensure support for backing up resources based on different label selectors\nOADP-194 - Remove the registry dependency from OADP\nOADP-199 - Enable support for restore of existing resources\nOADP-224 - Restore silently ignore resources if they exist - restore log not updated\nOADP-225 - Restore doesn\u0027t update velero.io/backup-name when a resource is updated\nOADP-234 - Implementation of incremental restore\nOADP-324 - Add label to Expired backups failing garbage collection\nOADP-382 - 1.1: Update downstream OLM channels to support different x and y-stream releases\nOADP-422 - [GCP] An attempt of snapshoting volumes on CSI storageclass using Velero-native snapshots fails because it\u0027s unable to find the zone\nOADP-423 - CSI Backup is not blocked and does not wait for snapshot to complete\nOADP-478 - volumesnapshotcontent cannot be deleted; SnapshotDeleteError Failed to delete snapshot\nOADP-528 - The volumesnapshotcontent is not removed for the synced backup\nOADP-533 - OADP Backup via Ceph CSI snapshot hangs indefinitely on OpenShift v4.10\nOADP-538 - typo on noDefaultBackupLocation error on DPA CR\nOADP-552 - Validate OADP with 4.11 and Pod Security Admissions\nOADP-558 - Empty Failed Backup CRs can\u0027t be removed\nOADP-585 - OADP 1.0.3: CSI functionality is broken on OCP 4.11 due to missing v1beta1 API version\nOADP-586 - registry deployment still exists on 1.1 build, and the registry pod gets recreated endlessly\nOADP-592 - OADP must-gather add support for insecure tls\nOADP-597 - BSL validation logs\nOADP-598 - Data mover performance on backup blocks backup process\nOADP-599 - [Data Mover] Datamover Restic secret cannot be configured per bsl\nOADP-600 - Operator should validate volsync installation and raise warning if data mover is enabled\nOADP-602 - Support GCP for openshift-velero-plugin registry\nOADP-605 - [OCP 4.11] CSI restore fails with admission webhook \\\"volumesnapshotclasses.snapshot.storage.k8s.io\\\" denied\nOADP-607 - DataMover: VSB is stuck on SnapshotBackupDone\nOADP-610 - Data mover fails if a stale volumesnapshot exists in application namespace\nOADP-613 - DataMover: upstream documentation refers wrong CRs\nOADP-637 - Restic backup fails with CA certificate\nOADP-643 - [Data Mover] VSB and VSR names are not unique\nOADP-644 - VolumeSnapshotBackup and VolumeSnapshotRestore timeouts should be configurable\nOADP-648 - Remove default limits for velero and restic pods\nOADP-652 - Data mover VolSync pod errors with Noobaa\nOADP-655 - DataMover: volsync-dst-vsr pod completes although not all items where restored in the namespace\nOADP-660 - Data mover restic secret does not support Azure\nOADP-698 - DataMover: volume-snapshot-mover pod points to upstream image\nOADP-715 - Restic restore fails: restic-wait container continuously fails with \"Not found: /restores/\u003cpod-volume\u003e/.velero/\u003crestore-UID\u003e\"\nOADP-716 - Incremental restore: second restore of a namespace partially fails\nOADP-736 - Data mover VSB always fails with volsync 0.5\n\n6. \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 2.2.10-6+deb10u6. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 2.3.3op2-3+deb11u2. \n\nWe recommend that you upgrade your cups packages. \n\nFor the detailed security status of cups please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/cups\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKP0LQACgkQEMKTtsN8\nTjazShAAuLbe1vQOBAX5nUuVTW4fk96gzx899Aep8Wl4AWFmLRSWzdpPVeIEuWei\nwgQycz4YFzKNr+FeCBIx5ZwnmddPd30RYFQjgkUg/UbFD2z3yifT5M3OQRpgsE4+\nEWGPR8V2vZEw+20H22ZhtXGzPiwM+czt120v2mBX2Zf2xOtPLAFtVcLJN5PJsgfO\nhEgHn5zUwumqYEzD7kZNgT98eHtrUvwO3nCveOXWzR4dMD/KgMmCGQIQi+dawEef\nJJNRgvqIgb2sqxxYPHlq/IHQ5H7/NeYfqsHZxf2sRcRRu3XVYql4wMOiegZRk3xz\n+inf0V4GbVBiMfjDJYv3WnsGzm7W4I6rMTfhSq783yXSh6AUt2l/u6xoc7ca6vvd\nlTk5l/9ZhsFxzWdAgUA7ceqmciXCE+yTGaRDw4yP05Vp4cTBKggOz7dws5t75ixH\n/JHwyVQ72AtFiMkMgRjKv8+zP0FbWiOrS3EDyvCjP3vx69dXie2Z1/HvGtoaFY4f\nHgjAbq2i+f8umwYvcf8cdErjRz9CIX09+TuX/J/M1D8X5TNw4KRx3DChca+o94+Q\nZNznkpoCnMVfmUe83P8PgcGLMD0hGai5AnjlroDJyvZn3aD84PVLdDY35wnR/6eq\nDyB81widY5C9SURR/CUWXx2F1NaWLmAsQbLttlFLwzVqUTf76j8=\n=jd0o\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-5454-2\nMay 31, 2022\n\ncups vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in CUPS. This update provides\nthe corresponding update for Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n Joshua Mason discovered that CUPS incorrectly handled the secret key used\n to access the administrative web interface. A remote attacker could\n possibly use this issue to open a session as an administrator and execute\n arbitrary code. (CVE-2022-26691)\n\n It was discovered that CUPS incorrectly handled certain memory operations\n when handling IPP printing. A remote attacker could possibly use this issue\n to cause CUPS to crash, leading to a denial of service, or obtain sensitive\n information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04\n LTS. (CVE-2019-8842, CVE-2020-10001)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n cups 2.1.3-4ubuntu0.11+esm1\n\nIn general, a standard system update will make all the necessary changes. Solution:\n\nFor OpenShift Container Platform 4.10 see the following documentation,\nwhich will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.4, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2536 - Setting up ODF S3 for loki\nLOG-2640 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated. \nLOG-2757 - [release-5.4] index rollover cronjob fails on openshift-logging operator\nLOG-2762 - [release-5.4]Events and CLO csv are not collected after running `oc adm must-gather --image=$downstream-clo-image `\nLOG-2780 - Loki cannot send logs after upgrade to 5.4.3 from 5.4.2 with \u0027http\u0027\nLOG-2781 - OpenShift Logging Dashboard for Elastic Shards shows \"active_primary\" instead of \"active\" shards. \nLOG-2786 - [release-5.4] Token not added to Vector config when forwarding logs to Lokistack with Token+CA bundle. \nLOG-2791 - [release-5.4] ElasticSearch operator does not respect referencePolicy when selecting oauth-proxy image\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: cups security update\nAdvisory ID: RHSA-2022:4990-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:4990\nIssue date: 2022-06-15\nCVE Names: CVE-2022-26691 \n=====================================================================\n\n1. Summary:\n\nAn update for cups is now available for Red Hat Enterprise Linux 9. \n\nRed Hat Product Security has rated this update as having a security impact\nof\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which\ngives\na detailed severity rating, is available for each vulnerability from the\nCVE\nlink(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor\nLinux, UNIX, and similar operating systems. \n\nSecurity Fix(es):\n\n* cups: authorization bypass when using \"local\" authorization\n(CVE-2022-26691)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2084321 - CVE-2022-26691 cups: authorization bypass when using \"local\" authorization\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 9):\n\naarch64:\ncups-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-client-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-devel-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-ipptool-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-lpd-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-printerapp-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\n\nnoarch:\ncups-filesystem-2.3.3op2-13.el9_0.1.noarch.rpm\n\nppc64le:\ncups-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-client-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-devel-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-ipptool-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-lpd-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-printerapp-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\n\ns390x:\ncups-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-client-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-devel-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-ipptool-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-lpd-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-printerapp-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\n\nx86_64:\ncups-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-client-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.i686.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-devel-2.3.3op2-13.el9_0.1.i686.rpm\ncups-devel-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-ipptool-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-lpd-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-printerapp-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\n\nRed Hat Enterprise Linux BaseOS (v. 9):\n\nSource:\ncups-2.3.3op2-13.el9_0.1.src.rpm\n\naarch64:\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-libs-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.aarch64.rpm\n\nppc64le:\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-libs-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.ppc64le.rpm\n\ns390x:\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-libs-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.s390x.rpm\n\nx86_64:\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-client-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.i686.rpm\ncups-debugsource-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-ipptool-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-libs-2.3.3op2-13.el9_0.1.i686.rpm\ncups-libs-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-libs-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-lpd-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.i686.rpm\ncups-printerapp-debuginfo-2.3.3op2-13.el9_0.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-26691\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYqpyONzjgjWX9erEAQivKA//a6QQWxm7i+NbhcVKNCvCXKtVa8aPt04Z\nmtAojP0b59ifL1QjXr1Kr+pbW/oCP2fxdB2kN1L38mMo/u2pbM3DH4xVA709RgT0\nZHrnryfYjSyRq52/y9PNfUch6tOQAYIlfq7fdLGwSp94xTX+duvkDiyH30RHPlay\nglx/yjQvJzzbmClvl8oTU3qQngWmfrdVQlTjf9nUu3YiAfm8DkEE/wYEksOuKaRF\nxXVLSHXf3KVoMIidsEJPSBxFzxrbvT5Ggk7E2A7bRrmk67s7XUuFnATq9eypVXBu\nCGd00xIIvDHXtgqoHFPuBexqf9PLiIJ+I4XNT/2SCAMoqr6Csw2cZ+WrHMuIN2Uy\nTf7RwazB7FUEf/7+YYE1o66UGFHs19lX24r2pixgFQI5PW7WKNLNVqfkuHogACnP\nCmiNoV/WHwDisuqi1jaT+JB+Yy3aRsCY+gVM0T6PzOKIgUptOKnbGnGexTak1qar\nNMT73SOTIeh7fL3cBd3I8ZK/ZX+0PdglxCpiEJbhIKnmQwSJIkdl+gSU/6078TdO\ntyDqBJgn8YyoFhAliaNq42T6kIVObtHwqpHwlgTPcKkiVWS5YHzdDBrykS+Z9/Eq\nDDpvi2UJn6AMaRk8Gs/RRWaaTiALNIRI5ipb6fM8TRYgW/Z9lKH+rjyInN48sMRJ\nZFVu8coCFgE=\n=V3ej\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202402-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: CUPS: Multiple Vulnerabilities\n Date: February 18, 2024\n Bugs: #847625, #907675, #909018, #914781\n ID: 202402-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in CUPS, the worst of\nwhich can lead to arbitrary code execution. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------- ------------ ------------\nnet-print/cups \u003c 2.4.7 \u003e= 2.4.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in CUPS. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-2.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-26691\n https://nvd.nist.gov/vuln/detail/CVE-2022-26691\n[ 2 ] CVE-2023-4504\n https://nvd.nist.gov/vuln/detail/CVE-2023-4504\n[ 3 ] CVE-2023-32324\n https://nvd.nist.gov/vuln/detail/CVE-2023-32324\n[ 4 ] CVE-2023-34241\n https://nvd.nist.gov/vuln/detail/CVE-2023-34241\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202402-17\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):\n\n2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes\n2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console\n2040693 - ?Replication repository? wizard has no validation for name length\n2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com?\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings\n2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace\n2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. \n2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade\n2061335 - [MTC UI] ?Update cluster? button is not getting disabled\n2062266 - MTC UI does not display logs properly [OADP-BL]\n2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend\n2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x\n2076593 - Velero pod log missing from UI drop down\n2076599 - Velero pod log missing from downloaded logs folder [OADP-BL]\n2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan\n2079252 - [MTC] Rsync options logs not visible in log-reader pod\n2082221 - Don\u0027t allow Storage class conversion migration if source cluster has only one storage class defined [UI]\n2082225 - non-numeric user when launching stage pods [OADP-BL]\n2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments\n2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods\n2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels\n2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL]\n2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts\n2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL]\n2096939 - Fix legacy operator.yml inconsistencies and errors\n2100486 - [MTC UI] Target storage class field is not getting respected when clusters don\u0027t have replication repo configured",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26691"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "PACKETSTORM",
"id": "168228"
},
{
"db": "PACKETSTORM",
"id": "169349"
},
{
"db": "PACKETSTORM",
"id": "167338"
},
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167845"
},
{
"db": "PACKETSTORM",
"id": "167514"
},
{
"db": "PACKETSTORM",
"id": "177174"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-26691",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-24-046-11",
"trust": 0.9
},
{
"db": "JVN",
"id": "JVNVU91198149",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167514",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167338",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167507",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167845",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168228",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167501",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167512",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167332",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167510",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-417360",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-26691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169349",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "177174",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167679",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "PACKETSTORM",
"id": "168228"
},
{
"db": "PACKETSTORM",
"id": "169349"
},
{
"db": "PACKETSTORM",
"id": "167338"
},
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167845"
},
{
"db": "PACKETSTORM",
"id": "167514"
},
{
"db": "PACKETSTORM",
"id": "177174"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"id": "VAR-202205-1953",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-417360"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T22:13:09.282000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT213184 Apple\u00a0 Security update",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"title": "Debian CVElist Bug Report Logs: cups: CVE-2022-26691: authorization bypass when using \"local\" authorization",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4083971026961f67214911abf1061c00"
},
{
"title": "Debian Security Advisories: DSA-5149-1 cups -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c3e2a8a674123f96fd928688add2133"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225057 - Security Advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225055 - Security Advisory"
},
{
"title": "Red Hat: Important: cups security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225056 - Security Advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225054 - Security Advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224990 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5454-2: CUPS vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5454-2"
},
{
"title": "Ubuntu Security Notice: USN-5454-1: CUPS vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5454-1"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-108",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-108"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-203",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-203"
},
{
"title": "Red Hat: Moderate: Logging Subsystem 5.4.3 - Red Hat OpenShift security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225556 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226290 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226430 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225483 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225069 - Security Advisory"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-697",
"trust": 1.0
},
{
"problemtype": "Inappropriate comparison (CWE-697) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-269",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26691"
},
{
"trust": 1.3,
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"trust": 1.2,
"url": "https://github.com/openprinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"trust": 1.2,
"url": "https://github.com/mandiant/vulnerability-disclosures/blob/master/2022/mndt-2022-0026/mndt-2022-0026.md"
},
{
"trust": 1.2,
"url": "https://support.apple.com/en-us/ht213183"
},
{
"trust": 1.2,
"url": "https://support.apple.com/en-us/ht213184"
},
{
"trust": 1.2,
"url": "https://support.apple.com/en-us/ht213185"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kq6td7f3vritpehfdhzhk7mu6febmz5u/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yqrit4h75xv6m42k7ztarwz7yllyqhpo/"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91198149/index.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-26691"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5454-2"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3634"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25314"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-40528"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25313"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-25314"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-40528"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-25313"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29824"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kq6td7f3vritpehfdhzhk7mu6febmz5u/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yqrit4h75xv6m42k7ztarwz7yllyqhpo/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/697.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011769"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/al2022/alas-2022-108.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28327"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6290"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30629"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28327"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32208"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24675"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24675"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29154"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/cups"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5454-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5057"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27666"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27774"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1621"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28915"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22576"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27782"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5556"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28915"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-22576"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1629"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27666"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1621"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4990"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202402-17"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34241"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-4504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-32324"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21781"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4157"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3744"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27820"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3743"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1011"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-29154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20322"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3759"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37159"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3772"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-0404"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3669"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3764"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20322"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0322"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43056"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-4788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-41864"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21781"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4197"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4203"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-0941"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43389"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0941"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26401"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23852"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27820"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-44733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3612"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-42739"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-26401"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0404"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "PACKETSTORM",
"id": "168228"
},
{
"db": "PACKETSTORM",
"id": "169349"
},
{
"db": "PACKETSTORM",
"id": "167338"
},
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167845"
},
{
"db": "PACKETSTORM",
"id": "167514"
},
{
"db": "PACKETSTORM",
"id": "177174"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-417360"
},
{
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"db": "PACKETSTORM",
"id": "168228"
},
{
"db": "PACKETSTORM",
"id": "169349"
},
{
"db": "PACKETSTORM",
"id": "167338"
},
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167845"
},
{
"db": "PACKETSTORM",
"id": "167514"
},
{
"db": "PACKETSTORM",
"id": "177174"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-26T00:00:00",
"db": "VULHUB",
"id": "VHN-417360"
},
{
"date": "2022-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"date": "2022-09-01T16:34:06",
"db": "PACKETSTORM",
"id": "168228"
},
{
"date": "2022-05-28T19:12:00",
"db": "PACKETSTORM",
"id": "169349"
},
{
"date": "2022-06-01T17:06:37",
"db": "PACKETSTORM",
"id": "167338"
},
{
"date": "2022-06-20T00:37:04",
"db": "PACKETSTORM",
"id": "167507"
},
{
"date": "2022-07-27T17:28:30",
"db": "PACKETSTORM",
"id": "167845"
},
{
"date": "2022-06-20T00:46:30",
"db": "PACKETSTORM",
"id": "167514"
},
{
"date": "2024-02-19T14:20:19",
"db": "PACKETSTORM",
"id": "177174"
},
{
"date": "2022-07-01T15:04:32",
"db": "PACKETSTORM",
"id": "167679"
},
{
"date": "2023-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"date": "2022-05-26T18:15:09.340000",
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-417360"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-26691"
},
{
"date": "2024-02-19T06:47:00",
"db": "JVNDB",
"id": "JVNDB-2022-011787"
},
{
"date": "2024-11-21T06:54:19.673000",
"db": "NVD",
"id": "CVE-2022-26691"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "169349"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "macOS\u00a0 Improper Comparison Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-011787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bypass",
"sources": [
{
"db": "PACKETSTORM",
"id": "167507"
},
{
"db": "PACKETSTORM",
"id": "167514"
}
],
"trust": 0.2
}
}
CVE-2025-61915 (GCVE-0-2025-61915)
Vulnerability from nvd – Published: 2025-11-29 02:15 – Updated: 2025-12-03 15:52
VLAI?
Title
OpenPrinting CUPS vulnerable to stack based out-of-bound write
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been patched in version 2.4.15.
Severity ?
6 (Medium)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-29T02:34:46.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/27/5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61915",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T15:52:31.413369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T15:52:35.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been patched in version 2.4.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129: Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-124",
"description": "CWE-124: Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T02:15:39.913Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15"
}
],
"source": {
"advisory": "GHSA-hxm8-vfpq-jrfc",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS vulnerable to stack based out-of-bound write"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61915",
"datePublished": "2025-11-29T02:15:39.913Z",
"dateReserved": "2025-10-03T22:21:59.614Z",
"dateUpdated": "2025-12-03T15:52:35.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58436 (GCVE-0-2025-58436)
Vulnerability from nvd – Published: 2025-11-29 02:15 – Updated: 2025-12-03 15:23
VLAI?
Title
OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.
Severity ?
5.1 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-29T02:34:41.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/27/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58436",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T15:23:36.219986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T15:23:40.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T02:15:53.252Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15"
}
],
"source": {
"advisory": "GHSA-8wpw-vfgm-qrrr",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58436",
"datePublished": "2025-11-29T02:15:53.252Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2025-12-03T15:23:40.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58364 (GCVE-0-2025-58364)
Vulnerability from nvd – Published: 2025-09-11 17:26 – Updated: 2025-11-04 21:13
VLAI?
Title
cups: Remote DoS via null dereference
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector "Network" is possible. The current versions of CUPS and cups-browsed projects have the attack vector "Adjacent" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364.
Severity ?
6.5 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-11T17:37:26.400376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:37:30.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:40.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/11/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups \u0026 cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector \"Network\" is possible. The current versions of CUPS and cups-browsed projects have the attack vector \"Adjacent\" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:26:25.282Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d"
}
],
"source": {
"advisory": "GHSA-7qx3-r744-6qv4",
"discovery": "UNKNOWN"
},
"title": "cups: Remote DoS via null dereference"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58364",
"datePublished": "2025-09-11T17:26:25.282Z",
"dateReserved": "2025-08-29T16:19:59.011Z",
"dateUpdated": "2025-11-04T21:13:40.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58060 (GCVE-0-2025-58060)
Vulnerability from nvd – Published: 2025-09-11 17:06 – Updated: 2025-11-04 21:13
VLAI?
Title
cups has Authentication bypass with AuthType Negotiate
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58060",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-11T17:33:32.502303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:35:59.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:22.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/11/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:25:02.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221"
}
],
"source": {
"advisory": "GHSA-4c68-qgrh-rmmq",
"discovery": "UNKNOWN"
},
"title": "cups has Authentication bypass with AuthType Negotiate"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58060",
"datePublished": "2025-09-11T17:06:32.899Z",
"dateReserved": "2025-08-22T14:30:32.222Z",
"dateUpdated": "2025-11-04T21:13:22.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-35235 (GCVE-0-2024-35235)
Vulnerability from nvd – Published: 2024-06-11 14:13 – Updated: 2025-02-21 16:56
VLAI?
Title
Cupsd Listen arbitrary chmod 0140777
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue.
Severity ?
4.4 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
<= 2.4.8
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cups",
"vendor": "openprinting",
"versions": [
{
"lessThanOrEqual": "2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35235",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T17:02:39.998197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T16:56:42.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-08T06:03:26.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d"
},
{
"name": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21"
},
{
"name": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/11/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00001.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/08/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.4.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252: Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T03:06:28.702Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d"
},
{
"name": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21",
"tags": [
"x_refsource_MISC"
],
"url": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21"
},
{
"name": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/11/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00001.html"
}
],
"source": {
"advisory": "GHSA-vvwp-mv6j-hw6f",
"discovery": "UNKNOWN"
},
"title": "Cupsd Listen arbitrary chmod 0140777"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-35235",
"datePublished": "2024-06-11T14:13:23.771Z",
"dateReserved": "2024-05-14T15:39:41.785Z",
"dateUpdated": "2025-02-21T16:56:42.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4504 (GCVE-0-2023-4504)
Vulnerability from nvd – Published: 2023-09-21 22:47 – Updated: 2025-11-04 16:10
VLAI?
Title
OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Summary
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| OpenPrinting | CUPS |
Affected:
0 , < 2.4.6
(semver)
|
|||||||
|
|||||||||
Credits
zenofex
WanderingGlitch
Austin Hackers Anonymous!
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:38.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory",
"x_transferred"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Sep/33"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4504",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:05.900883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:16:13.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CUPS",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "2.4.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "libppd",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "d09348b",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "zenofex"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "WanderingGlitch"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
}
],
"datePublic": "2023-09-20T12:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-07T02:06:38.717Z",
"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"shortName": "AHA"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"assignerShortName": "AHA",
"cveId": "CVE-2023-4504",
"datePublished": "2023-09-21T22:47:41.879Z",
"dateReserved": "2023-08-23T21:14:04.183Z",
"dateUpdated": "2025-11-04T16:10:38.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-34241 (GCVE-0-2023-34241)
Vulnerability from nvd – Published: 2023-06-22 22:39 – Updated: 2025-02-13 16:55
VLAI?
Title
CUPS vulnerable to use-after-free in cupsdAcceptClient()
Summary
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.
The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.
Version 2.4.6 has a patch for this issue.
Severity ?
5.3 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
>= 2.0.0, < 2.4.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/10"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/06/26/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213843"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213844"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213845"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34241",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:49:43.499652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:49:51.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.\n\nThe exact cause of this issue is the function `httpClose(con-\u003ehttp)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.\n\nVersion 2.4.6 has a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-28T20:06:34.910Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/26/1"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/"
},
{
"url": "https://support.apple.com/kb/HT213843"
},
{
"url": "https://support.apple.com/kb/HT213844"
},
{
"url": "https://support.apple.com/kb/HT213845"
}
],
"source": {
"advisory": "GHSA-qjgh-5hcq-5f25",
"discovery": "UNKNOWN"
},
"title": "CUPS vulnerable to use-after-free in cupsdAcceptClient()"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34241",
"datePublished": "2023-06-22T22:39:32.400Z",
"dateReserved": "2023-05-31T13:51:51.171Z",
"dateUpdated": "2025-02-13T16:55:24.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32324 (GCVE-0-2023-32324)
Vulnerability from nvd – Published: 2023-06-01 16:04 – Updated: 2025-02-13 16:50
VLAI?
Title
OpenPrinting CUPS vulnerable to heap buffer overflow
Summary
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
<= 2.4.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T21:43:15.624616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T21:43:26.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-01T16:05:06.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html"
}
],
"source": {
"advisory": "GHSA-cxc6-w2g7-69p7",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS vulnerable to heap buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32324",
"datePublished": "2023-06-01T16:04:10.994Z",
"dateReserved": "2023-05-08T13:26:03.880Z",
"dateUpdated": "2025-02-13T16:50:32.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26691 (GCVE-0-2022-26691)
Vulnerability from nvd – Published: 2022-05-26 17:47 – Updated: 2024-08-03 05:11
VLAI?
Summary
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
Severity ?
No CVSS data available.
CWE
- An application may be able to gain elevated privileges
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2022",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An application may be able to gain elevated privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T03:06:13",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-26691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2022"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application may be able to gain elevated privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"name": "https://support.apple.com/en-us/HT213184",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213184"
},
{
"name": "https://support.apple.com/en-us/HT213185",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2022-26691",
"datePublished": "2022-05-26T17:47:59",
"dateReserved": "2022-03-08T00:00:00",
"dateUpdated": "2024-08-03T05:11:44.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58436 (GCVE-0-2025-58436)
Vulnerability from cvelistv5 – Published: 2025-11-29 02:15 – Updated: 2025-12-03 15:23
VLAI?
Title
OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.
Severity ?
5.1 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-29T02:34:41.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/27/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58436",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T15:23:36.219986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T15:23:40.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T02:15:53.252Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15"
}
],
"source": {
"advisory": "GHSA-8wpw-vfgm-qrrr",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58436",
"datePublished": "2025-11-29T02:15:53.252Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2025-12-03T15:23:40.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61915 (GCVE-0-2025-61915)
Vulnerability from cvelistv5 – Published: 2025-11-29 02:15 – Updated: 2025-12-03 15:52
VLAI?
Title
OpenPrinting CUPS vulnerable to stack based out-of-bound write
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been patched in version 2.4.15.
Severity ?
6 (Medium)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.15
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-29T02:34:46.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/27/5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61915",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T15:52:31.413369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T15:52:35.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been patched in version 2.4.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129: Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-124",
"description": "CWE-124: Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T02:15:39.913Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.15"
}
],
"source": {
"advisory": "GHSA-hxm8-vfpq-jrfc",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS vulnerable to stack based out-of-bound write"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61915",
"datePublished": "2025-11-29T02:15:39.913Z",
"dateReserved": "2025-10-03T22:21:59.614Z",
"dateUpdated": "2025-12-03T15:52:35.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58364 (GCVE-0-2025-58364)
Vulnerability from cvelistv5 – Published: 2025-09-11 17:26 – Updated: 2025-11-04 21:13
VLAI?
Title
cups: Remote DoS via null dereference
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector "Network" is possible. The current versions of CUPS and cups-browsed projects have the attack vector "Adjacent" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364.
Severity ?
6.5 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-11T17:37:26.400376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:37:30.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:40.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/11/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups \u0026 cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector \"Network\" is possible. The current versions of CUPS and cups-browsed projects have the attack vector \"Adjacent\" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:26:25.282Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d"
}
],
"source": {
"advisory": "GHSA-7qx3-r744-6qv4",
"discovery": "UNKNOWN"
},
"title": "cups: Remote DoS via null dereference"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58364",
"datePublished": "2025-09-11T17:26:25.282Z",
"dateReserved": "2025-08-29T16:19:59.011Z",
"dateUpdated": "2025-11-04T21:13:40.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58060 (GCVE-0-2025-58060)
Vulnerability from cvelistv5 – Published: 2025-09-11 17:06 – Updated: 2025-11-04 21:13
VLAI?
Title
cups has Authentication bypass with AuthType Negotiate
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
< 2.4.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58060",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-11T17:33:32.502303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:35:59.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:22.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/11/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:25:02.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221"
}
],
"source": {
"advisory": "GHSA-4c68-qgrh-rmmq",
"discovery": "UNKNOWN"
},
"title": "cups has Authentication bypass with AuthType Negotiate"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58060",
"datePublished": "2025-09-11T17:06:32.899Z",
"dateReserved": "2025-08-22T14:30:32.222Z",
"dateUpdated": "2025-11-04T21:13:22.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-35235 (GCVE-0-2024-35235)
Vulnerability from cvelistv5 – Published: 2024-06-11 14:13 – Updated: 2025-02-21 16:56
VLAI?
Title
Cupsd Listen arbitrary chmod 0140777
Summary
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue.
Severity ?
4.4 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
<= 2.4.8
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cups",
"vendor": "openprinting",
"versions": [
{
"lessThanOrEqual": "2.4.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35235",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T17:02:39.998197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T16:56:42.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-08T06:03:26.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d"
},
{
"name": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21"
},
{
"name": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/11/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00001.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/08/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.4.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252: Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T03:06:28.702Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/ff1f8a623e090dee8a8aadf12a6a4b25efac143d"
},
{
"name": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21",
"tags": [
"x_refsource_MISC"
],
"url": "https://git.launchpad.net/ubuntu/+source/apparmor/tree/profiles/apparmor.d/abstractions/user-tmp#n21"
},
{
"name": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/blob/aba917003c8de55e5bf85010f0ecf1f1ddd1408e/cups/http-addr.c#L229-L240"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/11/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/12/5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00001.html"
}
],
"source": {
"advisory": "GHSA-vvwp-mv6j-hw6f",
"discovery": "UNKNOWN"
},
"title": "Cupsd Listen arbitrary chmod 0140777"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-35235",
"datePublished": "2024-06-11T14:13:23.771Z",
"dateReserved": "2024-05-14T15:39:41.785Z",
"dateUpdated": "2025-02-21T16:56:42.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4504 (GCVE-0-2023-4504)
Vulnerability from cvelistv5 – Published: 2023-09-21 22:47 – Updated: 2025-11-04 16:10
VLAI?
Title
OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Summary
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| OpenPrinting | CUPS |
Affected:
0 , < 2.4.6
(semver)
|
|||||||
|
|||||||||
Credits
zenofex
WanderingGlitch
Austin Hackers Anonymous!
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:38.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory",
"x_transferred"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Sep/33"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4504",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:05.900883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:16:13.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CUPS",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "2.4.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "libppd",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "d09348b",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "zenofex"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "WanderingGlitch"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
}
],
"datePublic": "2023-09-20T12:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-07T02:06:38.717Z",
"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"shortName": "AHA"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"assignerShortName": "AHA",
"cveId": "CVE-2023-4504",
"datePublished": "2023-09-21T22:47:41.879Z",
"dateReserved": "2023-08-23T21:14:04.183Z",
"dateUpdated": "2025-11-04T16:10:38.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-34241 (GCVE-0-2023-34241)
Vulnerability from cvelistv5 – Published: 2023-06-22 22:39 – Updated: 2025-02-13 16:55
VLAI?
Title
CUPS vulnerable to use-after-free in cupsdAcceptClient()
Summary
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.
The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.
Version 2.4.6 has a patch for this issue.
Severity ?
5.3 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
>= 2.0.0, < 2.4.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/10"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/06/26/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213843"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213844"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213845"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34241",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:49:43.499652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:49:51.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.\n\nThe exact cause of this issue is the function `httpClose(con-\u003ehttp)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.\n\nVersion 2.4.6 has a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-28T20:06:34.910Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/26/1"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/"
},
{
"url": "https://support.apple.com/kb/HT213843"
},
{
"url": "https://support.apple.com/kb/HT213844"
},
{
"url": "https://support.apple.com/kb/HT213845"
}
],
"source": {
"advisory": "GHSA-qjgh-5hcq-5f25",
"discovery": "UNKNOWN"
},
"title": "CUPS vulnerable to use-after-free in cupsdAcceptClient()"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34241",
"datePublished": "2023-06-22T22:39:32.400Z",
"dateReserved": "2023-05-31T13:51:51.171Z",
"dateUpdated": "2025-02-13T16:55:24.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32324 (GCVE-0-2023-32324)
Vulnerability from cvelistv5 – Published: 2023-06-01 16:04 – Updated: 2025-02-13 16:50
VLAI?
Title
OpenPrinting CUPS vulnerable to heap buffer overflow
Summary
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OpenPrinting | cups |
Affected:
<= 2.4.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T21:43:15.624616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T21:43:26.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "OpenPrinting",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-01T16:05:06.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html"
}
],
"source": {
"advisory": "GHSA-cxc6-w2g7-69p7",
"discovery": "UNKNOWN"
},
"title": "OpenPrinting CUPS vulnerable to heap buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32324",
"datePublished": "2023-06-01T16:04:10.994Z",
"dateReserved": "2023-05-08T13:26:03.880Z",
"dateUpdated": "2025-02-13T16:50:32.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26691 (GCVE-0-2022-26691)
Vulnerability from cvelistv5 – Published: 2022-05-26 17:47 – Updated: 2024-08-03 05:11
VLAI?
Summary
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
Severity ?
No CVSS data available.
CWE
- An application may be able to gain elevated privileges
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2022",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An application may be able to gain elevated privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T03:06:13",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-26691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2022"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application may be able to gain elevated privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"name": "https://support.apple.com/en-us/HT213184",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213184"
},
{
"name": "https://support.apple.com/en-us/HT213185",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2022-26691",
"datePublished": "2022-05-26T17:47:59",
"dateReserved": "2022-03-08T00:00:00",
"dateUpdated": "2024-08-03T05:11:44.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}