Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-4504 (GCVE-0-2023-4504)
Vulnerability from cvelistv5 – Published: 2023-09-21 22:47 – Updated: 2025-11-04 16:10
VLAI
EPSS
Title
OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Summary
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Severity
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OpenPrinting | CUPS |
Affected:
0 , < 2.4.6
(semver)
|
|
| OpenPrinting | libppd |
Affected:
0 , < d09348b
(git)
|
Date Public
2023-09-20 12:35
Credits
zenofex
WanderingGlitch
Austin Hackers Anonymous!
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:38.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory",
"x_transferred"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Sep/33"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4504",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:05.900883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:16:13.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CUPS",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "2.4.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "libppd",
"vendor": "OpenPrinting",
"versions": [
{
"lessThan": "d09348b",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "zenofex"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "WanderingGlitch"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
}
],
"datePublic": "2023-09-20T12:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-07T02:06:38.717Z",
"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"shortName": "AHA"
},
"references": [
{
"tags": [
"technical-description",
"third-party-advisory"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"assignerShortName": "AHA",
"cveId": "CVE-2023-4504",
"datePublished": "2023-09-21T22:47:41.879Z",
"dateReserved": "2023-08-23T21:14:04.183Z",
"dateUpdated": "2025-11-04T16:10:38.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-4504",
"date": "2026-05-30",
"epss": "0.00035",
"percentile": "0.10885"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-4504\",\"sourceIdentifier\":\"cve@takeonme.org\",\"published\":\"2023-09-21T23:15:12.293\",\"lastModified\":\"2025-11-04T17:15:41.697\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\"},{\"lang\":\"es\",\"value\":\"Debido a un error al validar la longitud proporcionada por un documento PPD PostScript creado por un atacante, CUPS y libppd son susceptibles a un desbordamiento del b\u00fafer y posiblemente a la ejecuci\u00f3n de c\u00f3digo. Este problema se solucion\u00f3 en la versi\u00f3n 2.4.7 de CUPS, lanzada en septiembre de 2023.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve@takeonme.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.7\",\"matchCriteriaId\":\"8ED9EF47-64F8-4C9F-BD01-38E61B622052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openprinting:libppd:2.0:rc2:*:*:*:linux:*:*\",\"matchCriteriaId\":\"4656F9B5-8D8A-465A-AAF2-3B2AAFD04E35\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://github.com/OpenPrinting/cups/releases/tag/v2.4.7\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://takeonme.org/cves/CVE-2023-4504.html\",\"source\":\"cve@takeonme.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Sep/33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/OpenPrinting/cups/releases/tag/v2.4.7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://takeonme.org/cves/CVE-2023-4504.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://takeonme.org/cves/CVE-2023-4504.html\", \"tags\": [\"technical-description\", \"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/OpenPrinting/cups/releases/tag/v2.4.7\", \"tags\": [\"release-notes\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Sep/33\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T16:10:38.138Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-4504\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:29:05.900883Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T13:58:10.743Z\"}}], \"cna\": {\"title\": \"OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"zenofex\"}, {\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"WanderingGlitch\"}, {\"lang\": \"en\", \"type\": \"coordinator\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Austin Hackers Anonymous!\"}], \"affected\": [{\"vendor\": \"OpenPrinting\", \"product\": \"CUPS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.4.6\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"OpenPrinting\", \"product\": \"libppd\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"d09348b\", \"versionType\": \"git\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-09-20T12:35:00.000Z\", \"references\": [{\"url\": \"https://takeonme.org/cves/CVE-2023-4504.html\", \"tags\": [\"technical-description\", \"third-party-advisory\"]}, {\"url\": \"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/OpenPrinting/cups/releases/tag/v2.4.7\", \"tags\": [\"release-notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eDue to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122 Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"26969f82-7e87-44d8-9cb5-f6fb926ddd43\", \"shortName\": \"AHA\", \"dateUpdated\": \"2023-10-07T02:06:38.717Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-4504\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T16:10:38.138Z\", \"dateReserved\": \"2023-08-23T21:14:04.183Z\", \"assignerOrgId\": \"26969f82-7e87-44d8-9cb5-f6fb926ddd43\", \"datePublished\": \"2023-09-21T22:47:41.879Z\", \"assignerShortName\": \"AHA\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Title
Уязвимость функции scan_ps() библиотеки libppd сервера печати CUPS, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код
Description
Уязвимость функции scan_ps() библиотеки libppd сервера печати CUPS связана с выходом операции за границы буфера в памяти при обработке длины PPD-файлов. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии и выполнить произвольный код
Severity
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, Canonical Ltd., ООО «Ред Софт», АО «ИВК», Fedora Project, АО «НТЦ ИТ РОСА», OpenPrinting, АО "НППКТ", ООО «Открытая мобильная платформа»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Debian GNU/Linux, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Ubuntu, РЕД ОС (запись в едином реестре российских программ №3751), Альт 8 СП (запись в едином реестре российских программ №4305), Fedora, РОСА ХРОМ (запись в едином реестре российских программ №1607), CUPS, libppd, АЛЬТ СП 10, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС Аврора (запись в едином реестре российских программ №1543)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 10 (Debian GNU/Linux), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 20.04 LTS (Ubuntu), 16.04 ESM (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), - (Альт 8 СП), 22.04 LTS (Ubuntu), 37 (Fedora), 4.7 (Astra Linux Special Edition), 38 (Fedora), 39 (Fedora), 18.04 ESM (Ubuntu), 23.04 (Ubuntu), 12.4 (РОСА ХРОМ), до 2.4.7 (CUPS), 2.0rc2 (libppd), - (АЛЬТ СП 10), до 2.9 (ОСОН ОСнова Оnyx), до 5.1.1 включительно (ОС Аврора)
Possible Mitigations
Использование рекомендаций:
Для CUPS:
https://github.com/OpenPrinting/cups/releases/tag/v2.4.7
https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
Для libppd:
https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6
https://github.com/OpenPrinting/libppd/commit/262c909ac5b8676d1c221584c5a760e5e83fae66
https://github.com/OpenPrinting/libppd/releases
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2023-4504
https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html
Для Ubuntu:
https://ubuntu.com/security/notices/USN-6391-1
https://ubuntu.com/security/notices/USN-6392-1
https://ubuntu.com/security/notices/USN-6391-2
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/
Для ОС Astra Linux Special Edition 1.7:
обновить пакет cups до 2.3.3op2-4astra.se23 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для Astra Linux 1.6 «Смоленск»:
обновить пакет cups до 2.2.13-1astra.se29 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения cups до версии 2.2.10-6.osnova41
Для ОС Альт 8 СП (релиз 10): установка обновления из публичного репозитория программного средства
Для операционной системы РОСА ХРОМ:https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2320
Для Astra Linux Special Edition 4.7:
обновить пакет cups до 2.3.3op2-4astra.se23 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОС Аврора:
https://cve.omp.ru/bb25402
Для ОС Astra Linux:
обновить пакет cups до 2.2.13-1astra.se35 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81
Reference
https://ubuntu.com/security/notices/USN-6391-1
https://ubuntu.com/security/notices/USN-6392-1
https://ubuntu.com/security/notices/USN-6391-2
https://vuldb.com/ru/?id.240061
https://github.com/OpenPrinting/cups/releases/tag/v2.4.7
https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6
https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/
https://takeonme.org/cves/CVE-2023-4504.html
https://security-tracker.debian.org/tracker/CVE-2023-4504
https://github.com/OpenPrinting/libppd/commit/262c909ac5b8676d1c221584c5a760e5e83fae66
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
https://altsp.su/obnovleniya-bezopasnosti/
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.9/
https://altsp.su/obnovleniya-bezopasnosti/
https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2320
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://cve.omp.ru/bb25402
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81
CWE
CWE-122, CWE-787
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Fedora Project, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, OpenPrinting, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 10 (Debian GNU/Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 20.04 LTS (Ubuntu), 16.04 ESM (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 22.04 LTS (Ubuntu), 37 (Fedora), 4.7 (Astra Linux Special Edition), 38 (Fedora), 39 (Fedora), 18.04 ESM (Ubuntu), 23.04 (Ubuntu), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c), \u0434\u043e 2.4.7 (CUPS), 2.0rc2 (libppd), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), \u0434\u043e 2.9 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 5.1.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f CUPS:\nhttps://github.com/OpenPrinting/cups/releases/tag/v2.4.7\nhttps://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h\n\n\u0414\u043b\u044f libppd:\nhttps://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6\nhttps://github.com/OpenPrinting/libppd/commit/262c909ac5b8676d1c221584c5a760e5e83fae66\nhttps://github.com/OpenPrinting/libppd/releases\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-4504\nhttps://lists.debian.org/debian-lts-announce/2023/09/msg00041.html\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-6391-1\nhttps://ubuntu.com/security/notices/USN-6392-1\nhttps://ubuntu.com/security/notices/USN-6391-2\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 cups \u0434\u043e 2.3.3op2-4astra.se23 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 cups \u0434\u043e 2.2.13-1astra.se29 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f cups \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.2.10-6.osnova41\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0440\u0435\u043b\u0438\u0437 10): \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c:https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2320\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 cups \u0434\u043e 2.3.3op2-4astra.se23 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430:\nhttps://cve.omp.ru/bb25402\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 cups \u0434\u043e 2.2.13-1astra.se35 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.07.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.01.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "09.10.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06408",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-4504",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Debian GNU/Linux, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Ubuntu, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Fedora, \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), CUPS, libppd, \u0410\u041b\u042c\u0422 \u0421\u041f 10, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Canonical Ltd. Ubuntu 20.04 LTS , Canonical Ltd. Ubuntu 16.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Canonical Ltd. Ubuntu 22.04 LTS , Fedora Project Fedora 37 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora Project Fedora 38 , Fedora Project Fedora 39 , Canonical Ltd. Ubuntu 18.04 ESM , Canonical Ltd. Ubuntu 23.04 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - , \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 5.1.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e Mashtab TrustPhone T1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 5.1.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e Fplus T1100 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 5.1.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e Fplus T800 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 scan_ps() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libppd \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0435\u0447\u0430\u0442\u0438 CUPS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-122), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 scan_ps() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libppd \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0435\u0447\u0430\u0442\u0438 CUPS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0434\u043b\u0438\u043d\u044b PPD-\u0444\u0430\u0439\u043b\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://ubuntu.com/security/notices/USN-6391-1\nhttps://ubuntu.com/security/notices/USN-6392-1\nhttps://ubuntu.com/security/notices/USN-6391-2\nhttps://vuldb.com/ru/?id.240061\nhttps://github.com/OpenPrinting/cups/releases/tag/v2.4.7 \nhttps://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h \nhttps://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6 \nhttps://lists.debian.org/debian-lts-announce/2023/09/msg00041.html \nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/ \nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/ \nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/ \nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/ \nhttps://takeonme.org/cves/CVE-2023-4504.html\nhttps://security-tracker.debian.org/tracker/CVE-2023-4504\nhttps://github.com/OpenPrinting/libppd/commit/262c909ac5b8676d1c221584c5a760e5e83fae66\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.9/\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2024-2320\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://cve.omp.ru/bb25402\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20241206SE81",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-122, CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
CERTFR-2024-AVI-0785
Vulnerability from certfr_avis - Published: 2024-09-17 - Updated: 2024-09-17
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | tvOS versions antérieures à 18 | ||
| Apple | N/A | visionOS versions antérieures à 2 | ||
| Apple | iOS | iOS et iPadOS versions antérieures à 18 | ||
| Apple | iOS | iOS et iPadOS versions antérieures à 17.7 | ||
| Apple | N/A | Xcode versions antérieures à 16 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.7 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13.7 | ||
| Apple | Safari | Safari versions antérieures à 18 | ||
| Apple | N/A | watchOS 11 versions antérieures à 11 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "tvOS versions ant\u00e9rieures \u00e0 18",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS\u00a0versions ant\u00e9rieures \u00e0 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS et iPadOS versions ant\u00e9rieures \u00e0 18",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS et iPadOS versions ant\u00e9rieures \u00e0 17.7",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 16",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 18",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS\u00a011 versions ant\u00e9rieures \u00e0 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-44124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44124"
},
{
"name": "CVE-2024-44135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44135"
},
{
"name": "CVE-2024-40837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40837"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2023-4504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4504"
},
{
"name": "CVE-2024-44191",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44191"
},
{
"name": "CVE-2024-40856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40856"
},
{
"name": "CVE-2024-44146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44146"
},
{
"name": "CVE-2024-44181",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44181"
},
{
"name": "CVE-2024-40863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40863"
},
{
"name": "CVE-2024-23237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23237"
},
{
"name": "CVE-2024-27879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27879"
},
{
"name": "CVE-2024-44183",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44183"
},
{
"name": "CVE-2024-40866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40866"
},
{
"name": "CVE-2024-44184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44184"
},
{
"name": "CVE-2024-40857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40857"
},
{
"name": "CVE-2024-40842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40842"
},
{
"name": "CVE-2024-44131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44131"
},
{
"name": "CVE-2024-44178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44178"
},
{
"name": "CVE-2024-44169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44169"
},
{
"name": "CVE-2024-44202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44202"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2024-44167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44167"
},
{
"name": "CVE-2024-40844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40844"
},
{
"name": "CVE-2024-27869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27869"
},
{
"name": "CVE-2024-40791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40791"
},
{
"name": "CVE-2024-44189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44189"
},
{
"name": "CVE-2024-44187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44187"
},
{
"name": "CVE-2024-44158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44158"
},
{
"name": "CVE-2024-44171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44171"
},
{
"name": "CVE-2024-44177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44177"
},
{
"name": "CVE-2024-44170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44170"
},
{
"name": "CVE-2024-40825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40825"
},
{
"name": "CVE-2024-40826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40826"
},
{
"name": "CVE-2024-27880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27880"
},
{
"name": "CVE-2024-44188",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44188"
},
{
"name": "CVE-2024-40797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40797"
},
{
"name": "CVE-2024-44130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44130"
},
{
"name": "CVE-2024-44132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44132"
},
{
"name": "CVE-2024-39894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39894"
},
{
"name": "CVE-2024-44161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44161"
},
{
"name": "CVE-2024-40847",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40847"
},
{
"name": "CVE-2024-40838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40838"
},
{
"name": "CVE-2024-44164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44164"
},
{
"name": "CVE-2024-44186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44186"
},
{
"name": "CVE-2024-44148",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44148"
},
{
"name": "CVE-2024-44190",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44190"
},
{
"name": "CVE-2024-44133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44133"
},
{
"name": "CVE-2024-27886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27886"
},
{
"name": "CVE-2024-40831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40831"
},
{
"name": "CVE-2024-40845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40845"
},
{
"name": "CVE-2024-40860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40860"
},
{
"name": "CVE-2024-44180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44180"
},
{
"name": "CVE-2024-40848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40848"
},
{
"name": "CVE-2024-44147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44147"
},
{
"name": "CVE-2024-44152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44152"
},
{
"name": "CVE-2024-40843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40843"
},
{
"name": "CVE-2024-44198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44198"
},
{
"name": "CVE-2024-40770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40770"
},
{
"name": "CVE-2024-44139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44139"
},
{
"name": "CVE-2024-44151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44151"
},
{
"name": "CVE-2024-44165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44165"
},
{
"name": "CVE-2024-40850",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40850"
},
{
"name": "CVE-2024-44182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44182"
},
{
"name": "CVE-2024-27875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27875"
},
{
"name": "CVE-2024-44149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44149"
},
{
"name": "CVE-2024-27858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27858"
},
{
"name": "CVE-2024-44154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44154"
},
{
"name": "CVE-2024-40840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40840"
},
{
"name": "CVE-2024-27874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27874"
},
{
"name": "CVE-2024-40841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40841"
},
{
"name": "CVE-2024-27876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27876"
},
{
"name": "CVE-2024-40859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40859"
},
{
"name": "CVE-2024-44153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44153"
},
{
"name": "CVE-2024-40846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40846"
},
{
"name": "CVE-2024-40814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40814"
},
{
"name": "CVE-2024-40852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40852"
},
{
"name": "CVE-2024-27795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27795"
},
{
"name": "CVE-2024-40861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40861"
},
{
"name": "CVE-2024-40862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40862"
},
{
"name": "CVE-2024-44128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44128"
},
{
"name": "CVE-2024-44176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44176"
},
{
"name": "CVE-2024-44162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44162"
},
{
"name": "CVE-2024-40830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40830"
},
{
"name": "CVE-2024-40801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40801"
},
{
"name": "CVE-2024-44163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44163"
},
{
"name": "CVE-2024-44129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44129"
},
{
"name": "CVE-2024-27860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27860"
},
{
"name": "CVE-2024-44166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44166"
},
{
"name": "CVE-2024-44168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44168"
},
{
"name": "CVE-2024-44134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44134"
},
{
"name": "CVE-2024-44125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44125"
},
{
"name": "CVE-2024-27861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27861"
},
{
"name": "CVE-2024-44127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44127"
},
{
"name": "CVE-2024-40790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40790"
},
{
"name": "CVE-2024-44160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44160"
}
],
"initial_release_date": "2024-09-17T00:00:00",
"last_revision_date": "2024-09-17T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0785",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121238",
"url": "https://support.apple.com/en-us/121238"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121240",
"url": "https://support.apple.com/en-us/121240"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121239",
"url": "https://support.apple.com/en-us/121239"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121246",
"url": "https://support.apple.com/en-us/121246"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121241",
"url": "https://support.apple.com/en-us/121241"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121250",
"url": "https://support.apple.com/en-us/121250"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121234",
"url": "https://support.apple.com/en-us/121234"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121247",
"url": "https://support.apple.com/en-us/121247"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121249",
"url": "https://support.apple.com/en-us/121249"
},
{
"published_at": "2024-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 121248",
"url": "https://support.apple.com/en-us/121248"
}
]
}
CERTFR-2025-AVI-0585
Vulnerability from certfr_avis - Published: 2025-07-11 - Updated: 2025-07-11
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Valkey versions ant\u00e9rieures \u00e0 8.1.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": " Tanzu pour Postgres sur Kubernetes versions ant\u00e9rieures \u00e0 4.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.30.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2022-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2817"
},
{
"name": "CVE-2022-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2182"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-4504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4504"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2024-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7531"
},
{
"name": "CVE-2021-25317",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25317"
},
{
"name": "CVE-2021-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3968"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2022-2344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2344"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2022-3016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3016"
},
{
"name": "CVE-2023-7216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7216"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2022-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2285"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2022-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2982"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2022-2287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2287"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2946"
},
{
"name": "CVE-2022-2862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2862"
},
{
"name": "CVE-2022-2889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2889"
},
{
"name": "CVE-2021-4173",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4173"
},
{
"name": "CVE-2020-12413",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12413"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2023-0051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0051"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2023-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4781"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2022-3324",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3324"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-2257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2257"
},
{
"name": "CVE-2024-45306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45306"
},
{
"name": "CVE-2023-4751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4751"
},
{
"name": "CVE-2021-4136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4136"
},
{
"name": "CVE-2023-4738",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4738"
},
{
"name": "CVE-2021-3928",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3928"
},
{
"name": "CVE-2015-1197",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1197"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2022-2042",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2042"
},
{
"name": "CVE-2022-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2183"
},
{
"name": "CVE-2024-29040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29040"
},
{
"name": "CVE-2017-1000383",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000383"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2022-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2304"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2022-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2819"
},
{
"name": "CVE-2022-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3705"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3234"
},
{
"name": "CVE-2022-2126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2126"
},
{
"name": "CVE-2021-3973",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3973"
},
{
"name": "CVE-2021-4166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4166"
},
{
"name": "CVE-2022-3256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3256"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2022-2343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2343"
},
{
"name": "CVE-2022-2849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2849"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-3235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3235"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2022-3134",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3134"
},
{
"name": "CVE-2023-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0512"
},
{
"name": "CVE-2022-2175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2175"
},
{
"name": "CVE-2022-3297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3297"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2022-1616",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1616"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2022-2284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2284"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"name": "CVE-2022-2286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2286"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2022-3352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3352"
},
{
"name": "CVE-2023-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0054"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2022-3296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3296"
},
{
"name": "CVE-2021-45261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45261"
},
{
"name": "CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"name": "CVE-2023-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0433"
},
{
"name": "CVE-2022-2345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2345"
},
{
"name": "CVE-2021-3974",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3974"
},
{
"name": "CVE-2022-2845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2845"
},
{
"name": "CVE-2022-2210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2210"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-4735",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4735"
},
{
"name": "CVE-2023-4734",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4734"
},
{
"name": "CVE-2023-2610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2610"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2022-1620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1620"
},
{
"name": "CVE-2023-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5535"
},
{
"name": "CVE-2022-1720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1720"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2022-4292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4292"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2022-2522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2522"
},
{
"name": "CVE-2022-2129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2129"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2024-22667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-27151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27151"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2023-0288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0288"
},
{
"name": "CVE-2025-52968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52968"
},
{
"name": "CVE-2022-3037",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3037"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-2206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2206"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2022-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2124"
},
{
"name": "CVE-2023-7207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7207"
},
{
"name": "CVE-2022-1619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1619"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2022-4141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4141"
},
{
"name": "CVE-2022-3099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3099"
},
{
"name": "CVE-2021-4187",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4187"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2021-3927",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3927"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2021-34141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
},
{
"name": "CVE-2023-0049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0049"
},
{
"name": "CVE-2023-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5344"
},
{
"name": "CVE-2021-33430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
},
{
"name": "CVE-2022-2125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2125"
},
{
"name": "CVE-2022-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2207"
},
{
"name": "CVE-2017-6519",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6519"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-1127",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1127"
}
],
"initial_release_date": "2025-07-11T00:00:00",
"last_revision_date": "2025-07-11T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0585",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35935",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35935"
},
{
"published_at": "2025-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35934",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35934"
},
{
"published_at": "2025-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35931",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35931"
}
]
}
CERTFR-2025-AVI-0938
Vulnerability from certfr_avis - Published: 2025-10-30 - Updated: 2025-10-30
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu | Tanzu pour Postgres versions antérieures à 4.3.1 sur Kubernetes | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 6.31.0 | ||
| VMware | Tanzu | Tanzu pour Postgres versions antérieures à 13.22.0, 14.19.0, 15.14.0, 16.10.0 et 17.6.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 7.6.0 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions ant\u00e9rieures \u00e0 4.3.1 sur Kubernetes",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.31.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions ant\u00e9rieures \u00e0 13.22.0, 14.19.0, 15.14.0, 16.10.0 et 17.6.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 7.6.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2022-39176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39176"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-4504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4504"
},
{
"name": "CVE-2021-38593",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38593"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2020-26557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26557"
},
{
"name": "CVE-2019-25059",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25059"
},
{
"name": "CVE-2024-46951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46951"
},
{
"name": "CVE-2025-31273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31273"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-32913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32913"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2022-39177",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39177"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-2720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2720"
},
{
"name": "CVE-2024-46956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46956"
},
{
"name": "CVE-2025-58060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58060"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2024-46953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46953"
},
{
"name": "CVE-2025-24216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24216"
},
{
"name": "CVE-2025-43212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43212"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2025-24150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24150"
},
{
"name": "CVE-2021-45078",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45078"
},
{
"name": "CVE-2023-2222",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2222"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2784"
},
{
"name": "CVE-2022-4055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2022-44840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44840"
},
{
"name": "CVE-2024-44192",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44192"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-2723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2723"
},
{
"name": "CVE-2025-31278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31278"
},
{
"name": "CVE-2020-26559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26559"
},
{
"name": "CVE-2023-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46751"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-2724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2724"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2022-30294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30294"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-43368",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43368"
},
{
"name": "CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"name": "CVE-2024-46954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46954"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2020-26556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26556"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2021-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2025-32914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32914"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2025-43343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43343"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-43272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43272"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2025-32906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32906"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2020-26560",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26560"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-43216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43216"
},
{
"name": "CVE-2023-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2004"
},
{
"name": "CVE-2025-52194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52194"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2023-24607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24607"
},
{
"name": "CVE-2025-24209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24209"
},
{
"name": "CVE-2024-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0444"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2017-17973",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17973"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-43342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43342"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-32049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32049"
},
{
"name": "CVE-2025-4948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4948"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-4453",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4453"
},
{
"name": "CVE-2025-31257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31257"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-11021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11021"
},
{
"name": "CVE-2023-1579",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1579"
},
{
"name": "CVE-2024-46952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46952"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-7345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7345"
},
{
"name": "CVE-2025-30427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30427"
},
{
"name": "CVE-2025-32911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32911"
}
],
"initial_release_date": "2025-10-30T00:00:00",
"last_revision_date": "2025-10-30T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0938",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36277",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36277"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36284",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36284"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36281",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36281"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36282",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36282"
},
{
"published_at": "2025-10-29",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36283",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36283"
}
]
}
FKIE_CVE-2023-4504
Vulnerability from fkie_nvd - Published: 2023-09-21 23:15 - Updated: 2025-11-04 17:15
Severity
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openprinting | cups | * | |
| openprinting | libppd | 2.0 | |
| fedoraproject | fedora | 37 | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED9EF47-64F8-4C9F-BD01-38E61B622052",
"versionEndExcluding": "2.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openprinting:libppd:2.0:rc2:*:*:*:linux:*:*",
"matchCriteriaId": "4656F9B5-8D8A-465A-AAF2-3B2AAFD04E35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023."
},
{
"lang": "es",
"value": "Debido a un error al validar la longitud proporcionada por un documento PPD PostScript creado por un atacante, CUPS y libppd son susceptibles a un desbordamiento del b\u00fafer y posiblemente a la ejecuci\u00f3n de c\u00f3digo. Este problema se solucion\u00f3 en la versi\u00f3n 2.4.7 de CUPS, lanzada en septiembre de 2023."
}
],
"id": "CVE-2023-4504",
"lastModified": "2025-11-04T17:15:41.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-09-21T23:15:12.293",
"references": [
{
"source": "cve@takeonme.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"source": "cve@takeonme.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"source": "cve@takeonme.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"source": "cve@takeonme.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"source": "cve@takeonme.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"source": "cve@takeonme.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"source": "cve@takeonme.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"source": "cve@takeonme.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
},
{
"source": "cve@takeonme.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"source": "cve@takeonme.org",
"tags": [
"Exploit"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2024/Sep/33"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
}
],
"sourceIdentifier": "cve@takeonme.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "cve@takeonme.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2023-4504
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-4504",
"id": "GSD-2023-4504"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-4504"
],
"details": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\n",
"id": "GSD-2023-4504",
"modified": "2023-12-13T01:20:27.544654Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@takeonme.org",
"ID": "CVE-2023-4504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CUPS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "2.4.6"
}
]
}
},
{
"product_name": "libppd",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "d09348b"
}
]
}
}
]
},
"vendor_name": "OpenPrinting"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "zenofex"
},
{
"lang": "en",
"value": "WanderingGlitch"
},
{
"lang": "en",
"value": "Austin Hackers Anonymous!"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-122",
"lang": "eng",
"value": " CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://takeonme.org/cves/CVE-2023-4504.html",
"refsource": "MISC",
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openprinting:libppd:2.0:rc2:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@takeonme.org",
"ID": "CVE-2023-4504"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6",
"refsource": "MISC",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6"
},
{
"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h",
"refsource": "MISC",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h"
},
{
"name": "https://takeonme.org/cves/CVE-2023-4504.html",
"refsource": "MISC",
"tags": [
"Exploit"
],
"url": "https://takeonme.org/cves/CVE-2023-4504.html"
},
{
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7",
"refsource": "MISC",
"tags": [
"Release Notes"
],
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-11-09T20:58Z",
"publishedDate": "2023-09-21T23:15Z"
}
}
}
MSRC_CVE-2023-4504
Vulnerability from csaf_microsoft - Published: 2023-09-01 00:00 - Updated: 2026-02-18 01:56Summary
OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.0 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 20071-17084 | — | ||
| Unresolved product id: 18159-17086 | — | ||
| Unresolved product id: 17722-17084 | — | ||
| Unresolved product id: 19950-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-4504.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow",
"tracking": {
"current_release_date": "2026-02-18T01:56:09.000Z",
"generator": {
"date": "2026-02-18T12:19:05.749Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-4504",
"initial_release_date": "2023-09-01T00:00:00.000Z",
"revision_history": [
{
"date": "2024-04-01T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-08-29T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
},
{
"date": "2024-08-30T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
},
{
"date": "2024-08-31T00:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Information published."
},
{
"date": "2024-09-01T00:00:00.000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Information published."
},
{
"date": "2024-09-02T00:00:00.000Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Information published."
},
{
"date": "2024-09-03T00:00:00.000Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Information published."
},
{
"date": "2024-09-05T00:00:00.000Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Information published."
},
{
"date": "2024-09-06T00:00:00.000Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Information published."
},
{
"date": "2024-09-07T00:00:00.000Z",
"legacy_version": "1.9",
"number": "10",
"summary": "Information published."
},
{
"date": "2024-09-08T00:00:00.000Z",
"legacy_version": "2",
"number": "11",
"summary": "Information published."
},
{
"date": "2024-09-11T00:00:00.000Z",
"legacy_version": "2.1",
"number": "12",
"summary": "Information published."
},
{
"date": "2026-02-18T01:56:09.000Z",
"legacy_version": "2.2",
"number": "13",
"summary": "Information published."
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 cups 2.3.3op2-6",
"product": {
"name": "\u003cazl3 cups 2.3.3op2-6",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 cups 2.3.3op2-6",
"product": {
"name": "azl3 cups 2.3.3op2-6",
"product_id": "20071"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 cups 2.3.3op2-7",
"product": {
"name": "\u003ccbl2 cups 2.3.3op2-7",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 cups 2.3.3op2-7",
"product": {
"name": "cbl2 cups 2.3.3op2-7",
"product_id": "18159"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 cups 2.4.10-1",
"product": {
"name": "\u003cazl3 cups 2.4.10-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 cups 2.4.10-1",
"product": {
"name": "azl3 cups 2.4.10-1",
"product_id": "17722"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 cups 2.3.3op2-9",
"product": {
"name": "\u003ccbl2 cups 2.3.3op2-9",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 cups 2.3.3op2-9",
"product": {
"name": "cbl2 cups 2.3.3op2-9",
"product_id": "19950"
}
}
],
"category": "product_name",
"name": "cups"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cups 2.3.3op2-6 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cups 2.3.3op2-6 as a component of Azure Linux 3.0",
"product_id": "20071-17084"
},
"product_reference": "20071",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cups 2.3.3op2-7 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cups 2.3.3op2-7 as a component of CBL Mariner 2.0",
"product_id": "18159-17086"
},
"product_reference": "18159",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 cups 2.4.10-1 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cups 2.4.10-1 as a component of Azure Linux 3.0",
"product_id": "17722-17084"
},
"product_reference": "17722",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cups 2.3.3op2-9 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cups 2.3.3op2-9 as a component of CBL Mariner 2.0",
"product_id": "19950-17086"
},
"product_reference": "19950",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4504",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "general",
"text": "AHA",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20071-17084",
"18159-17086",
"17722-17084",
"19950-17086"
],
"known_affected": [
"17084-1",
"17086-3",
"17084-4",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-4504.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-01T00:00:00.000Z",
"details": "2.4.10-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1",
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-04-01T00:00:00.000Z",
"details": "2.3.3op2-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3",
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17084-1",
"17086-3",
"17084-4",
"17086-2"
]
}
],
"title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow"
}
]
}
NCSC-2024-0381
Vulnerability from csaf_ncscnl - Published: 2024-09-26 08:48 - Updated: 2024-09-26 08:48Summary
Kwetsbaarheden verholpen in Apple MacOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Apple heeft kwetsbaarheden verholpen in MacOS
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van beveiligingsmaatregel
- Toegang tot gevoelige gegevens
- Toegang tot systeemgegevens
Voor succesvol misbruik moet de kwaadwillende lokale toegang hebben, het slachtoffer misleiden een malafide app te downloaden en installeren, of een malafide bestand te openen of link te volgen.
Oplossingen: Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7, 14.7 en 15. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-208: Observable Timing Discrepancy
CWE-942: Permissive Cross-domain Policy with Untrusted Domains
CWE-415: Double Free
CWE-265: CWE-265
CWE-203: Observable Discrepancy
CWE-190: Integer Overflow or Wraparound
CWE-61: UNIX Symbolic Link (Symlink) Following
CWE-285: Improper Authorization
CWE-404: Improper Resource Shutdown or Release
CWE-275: CWE-275
CWE-284: Improper Access Control
CWE-377: Insecure Temporary File
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-122: Heap-based Buffer Overflow
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
CWE-404
- Improper Resource Shutdown or Release
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
6.0 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
4.4 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
8.4 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
10.0 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
10.0 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
macos_sequoia__15
apple
|
cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*
|
— | |
|
macos_sonoma__14.7
apple
|
cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*
|
— | |
|
macos_ventura__13.7
apple
|
cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*
|
— |
References
83 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Apple heeft kwetsbaarheden verholpen in MacOS",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n- Toegang tot systeemgegevens\n\n\nVoor succesvol misbruik moet de kwaadwillende lokale toegang hebben, het slachtoffer misleiden een malafide app te downloaden en installeren, of een malafide bestand te openen of link te volgen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7, 14.7 en 15. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Permissive Cross-domain Policy with Untrusted Domains",
"title": "CWE-942"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "CWE-265",
"title": "CWE-265"
},
{
"category": "general",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Insecure Temporary File",
"title": "CWE-377"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5; hkcert; nvd",
"url": "https://support.apple.com/en-us/121247"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5; hkcert; nvd",
"url": "https://support.apple.com/en-us/121234"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5; hkcert; nvd",
"url": "https://support.apple.com/en-us/121238"
}
],
"title": "Kwetsbaarheden verholpen in Apple MacOS",
"tracking": {
"current_release_date": "2024-09-26T08:48:34.451990Z",
"id": "NCSC-2024-0381",
"initial_release_date": "2024-09-26T08:48:34.451990Z",
"revision_history": [
{
"date": "2024-09-26T08:48:34.451990Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "macos_sequoia__15",
"product": {
"name": "macos_sequoia__15",
"product_id": "CSAFPID-1644309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "macos_sonoma__14.7",
"product": {
"name": "macos_sonoma__14.7",
"product_id": "CSAFPID-1644310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "macos_ventura__13.7",
"product": {
"name": "macos_ventura__13.7",
"product_id": "CSAFPID-1644311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-44154",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44154",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44154.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44154"
},
{
"cve": "CVE-2024-44158",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44158",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44158.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44158"
},
{
"cve": "CVE-2024-44160",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44160",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44160.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44160"
},
{
"cve": "CVE-2024-44161",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44161",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44161.json"
}
],
"title": "CVE-2024-44161"
},
{
"cve": "CVE-2024-44163",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44163",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44163.json"
}
],
"title": "CVE-2024-44163"
},
{
"cve": "CVE-2024-44164",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44164",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44164.json"
}
],
"title": "CVE-2024-44164"
},
{
"cve": "CVE-2024-44165",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44165",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44165.json"
}
],
"title": "CVE-2024-44165"
},
{
"cve": "CVE-2024-44166",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44166",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44166.json"
}
],
"title": "CVE-2024-44166"
},
{
"cve": "CVE-2024-44167",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44167",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44167.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44167"
},
{
"cve": "CVE-2024-44168",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44168",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44168.json"
}
],
"title": "CVE-2024-44168"
},
{
"cve": "CVE-2024-44169",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44169"
},
{
"cve": "CVE-2024-44170",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44170.json"
}
],
"title": "CVE-2024-44170"
},
{
"cve": "CVE-2024-44176",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44176"
},
{
"cve": "CVE-2024-44177",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44177",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44177.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44177"
},
{
"cve": "CVE-2024-44178",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44178.json"
}
],
"title": "CVE-2024-44178"
},
{
"cve": "CVE-2024-44181",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"notes": [
{
"category": "other",
"text": "Insecure Temporary File",
"title": "CWE-377"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44181",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44181.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44181"
},
{
"cve": "CVE-2024-44182",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44182"
},
{
"cve": "CVE-2024-44183",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44183",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44183.json"
}
],
"title": "CVE-2024-44183"
},
{
"cve": "CVE-2024-44184",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44184"
},
{
"cve": "CVE-2024-44186",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44186",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44186.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44186"
},
{
"cve": "CVE-2024-44187",
"cwe": {
"id": "CWE-942",
"name": "Permissive Cross-domain Policy with Untrusted Domains"
},
"notes": [
{
"category": "other",
"text": "Permissive Cross-domain Policy with Untrusted Domains",
"title": "CWE-942"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44187",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44187.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44187"
},
{
"cve": "CVE-2024-44188",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44188",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44188.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44188"
},
{
"cve": "CVE-2024-44189",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44189",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44189.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44189"
},
{
"cve": "CVE-2024-44190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44190",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44190.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44190"
},
{
"cve": "CVE-2024-44191",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44191",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44191.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44191"
},
{
"cve": "CVE-2024-44198",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44198",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44198.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44198"
},
{
"cve": "CVE-2023-4504",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4504",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4504.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2023-4504"
},
{
"cve": "CVE-2023-5841",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5841",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5841.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2023-5841"
},
{
"cve": "CVE-2024-23237",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23237",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23237.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-23237"
},
{
"cve": "CVE-2024-27795",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27795"
},
{
"cve": "CVE-2024-27858",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27858",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27858.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27858"
},
{
"cve": "CVE-2024-27860",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27860",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27860.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27860"
},
{
"cve": "CVE-2024-27861",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27861",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27861.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27861"
},
{
"cve": "CVE-2024-27869",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27869",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27869.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27869"
},
{
"cve": "CVE-2024-27875",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27875",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27875.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27875"
},
{
"cve": "CVE-2024-27876",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27876",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27876.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27876"
},
{
"cve": "CVE-2024-27880",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27880",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27880.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-27880"
},
{
"cve": "CVE-2024-27886",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27886",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27886.json"
}
],
"title": "CVE-2024-27886"
},
{
"cve": "CVE-2024-39894",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39894",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39894.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-39894"
},
{
"cve": "CVE-2024-40770",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40770",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40770.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40770"
},
{
"cve": "CVE-2024-40791",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40791.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40791"
},
{
"cve": "CVE-2024-40797",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40797",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40797"
},
{
"cve": "CVE-2024-40801",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40801"
},
{
"cve": "CVE-2024-40814",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40814",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40814.json"
}
],
"title": "CVE-2024-40814"
},
{
"cve": "CVE-2024-40825",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40825",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40825.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40825"
},
{
"cve": "CVE-2024-40826",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40826",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40826.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40826"
},
{
"cve": "CVE-2024-40831",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40831",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40831.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40831"
},
{
"cve": "CVE-2024-40837",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40837",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40837.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40837"
},
{
"cve": "CVE-2024-40838",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40838",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40838.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40838"
},
{
"cve": "CVE-2024-40841",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40841",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40841.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40841"
},
{
"cve": "CVE-2024-40842",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40842",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40842.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40842"
},
{
"cve": "CVE-2024-40843",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40843",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40843.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40843"
},
{
"cve": "CVE-2024-40844",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40844",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40844.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40844"
},
{
"cve": "CVE-2024-40845",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40845",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40845.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40845"
},
{
"cve": "CVE-2024-40846",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40846",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40846.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40846"
},
{
"cve": "CVE-2024-40847",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40847",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40847.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40847"
},
{
"cve": "CVE-2024-40848",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40848",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40848.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40848"
},
{
"cve": "CVE-2024-40850",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40850",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40850.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40850"
},
{
"cve": "CVE-2024-40856",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40856",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40856.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40856"
},
{
"cve": "CVE-2024-40857",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40857",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40857.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40857"
},
{
"cve": "CVE-2024-40859",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40859",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40859.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40859"
},
{
"cve": "CVE-2024-40860",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40860",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40860.json"
}
],
"title": "CVE-2024-40860"
},
{
"cve": "CVE-2024-40861",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40861",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40861.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40861"
},
{
"cve": "CVE-2024-40866",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40866",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40866.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-40866"
},
{
"cve": "CVE-2024-41957",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41957",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41957.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-41957"
},
{
"cve": "CVE-2024-44125",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44125",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44125.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44125"
},
{
"cve": "CVE-2024-44128",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44128.json"
}
],
"title": "CVE-2024-44128"
},
{
"cve": "CVE-2024-44129",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44129",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44129.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44129"
},
{
"cve": "CVE-2024-44130",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44130"
},
{
"cve": "CVE-2024-44131",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44131"
},
{
"cve": "CVE-2024-44132",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"notes": [
{
"category": "other",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44132",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44132.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44132"
},
{
"cve": "CVE-2024-44133",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44133"
},
{
"cve": "CVE-2024-44134",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44134",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44134.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44134"
},
{
"cve": "CVE-2024-44135",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44135.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44135"
},
{
"cve": "CVE-2024-44146",
"cwe": {
"id": "CWE-265",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-265",
"title": "CWE-265"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44146",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44146.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44146"
},
{
"cve": "CVE-2024-44148",
"cwe": {
"id": "CWE-265",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-265",
"title": "CWE-265"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44148",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44148.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44148"
},
{
"cve": "CVE-2024-44149",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44149",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44149.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44149"
},
{
"cve": "CVE-2024-44151",
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44151",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44151.json"
}
],
"title": "CVE-2024-44151"
},
{
"cve": "CVE-2024-44152",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44152",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44152.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44152"
},
{
"cve": "CVE-2024-44153",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44153",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44153.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1644309",
"CSAFPID-1644310",
"CSAFPID-1644311"
]
}
],
"title": "CVE-2024-44153"
}
]
}
OPENSUSE-SU-2024:13250-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
cups-2.4.2-7.1 on GA media
Severity
Moderate
Notes
Title of the patch: cups-2.4.2-7.1 on GA media
Description of the patch: These are all security issues fixed in the cups-2.4.2-7.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13250
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
13 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-32360/ | self |
| https://www.suse.com/security/cve/CVE-2023-4504/ | self |
| https://www.suse.com/security/cve/CVE-2023-32360 | external |
| https://bugzilla.suse.com/1214254 | external |
| https://www.suse.com/security/cve/CVE-2023-4504 | external |
| https://bugzilla.suse.com/1215204 | external |
| https://bugzilla.suse.com/1217457 | external |
| https://bugzilla.suse.com/1217553 | external |
| https://bugzilla.suse.com/1218317 | external |
| https://bugzilla.suse.com/1218347 | external |
| https://bugzilla.suse.com/1221585 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "cups-2.4.2-7.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the cups-2.4.2-7.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13250",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13250-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32360 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4504 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4504/"
}
],
"title": "cups-2.4.2-7.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13250-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cups-2.4.2-7.1.aarch64",
"product": {
"name": "cups-2.4.2-7.1.aarch64",
"product_id": "cups-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-client-2.4.2-7.1.aarch64",
"product": {
"name": "cups-client-2.4.2-7.1.aarch64",
"product_id": "cups-client-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-config-2.4.2-7.1.aarch64",
"product": {
"name": "cups-config-2.4.2-7.1.aarch64",
"product_id": "cups-config-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.4.2-7.1.aarch64",
"product": {
"name": "cups-ddk-2.4.2-7.1.aarch64",
"product_id": "cups-ddk-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-devel-2.4.2-7.1.aarch64",
"product": {
"name": "cups-devel-2.4.2-7.1.aarch64",
"product_id": "cups-devel-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-devel-32bit-2.4.2-7.1.aarch64",
"product": {
"name": "cups-devel-32bit-2.4.2-7.1.aarch64",
"product_id": "cups-devel-32bit-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcups2-2.4.2-7.1.aarch64",
"product": {
"name": "libcups2-2.4.2-7.1.aarch64",
"product_id": "libcups2-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcups2-32bit-2.4.2-7.1.aarch64",
"product": {
"name": "libcups2-32bit-2.4.2-7.1.aarch64",
"product_id": "libcups2-32bit-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.4.2-7.1.aarch64",
"product": {
"name": "libcupsimage2-2.4.2-7.1.aarch64",
"product_id": "libcupsimage2-2.4.2-7.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-32bit-2.4.2-7.1.aarch64",
"product": {
"name": "libcupsimage2-32bit-2.4.2-7.1.aarch64",
"product_id": "libcupsimage2-32bit-2.4.2-7.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-2.4.2-7.1.ppc64le",
"product_id": "cups-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-client-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-client-2.4.2-7.1.ppc64le",
"product_id": "cups-client-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-config-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-config-2.4.2-7.1.ppc64le",
"product_id": "cups-config-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-ddk-2.4.2-7.1.ppc64le",
"product_id": "cups-ddk-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-devel-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-devel-2.4.2-7.1.ppc64le",
"product_id": "cups-devel-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-devel-32bit-2.4.2-7.1.ppc64le",
"product": {
"name": "cups-devel-32bit-2.4.2-7.1.ppc64le",
"product_id": "cups-devel-32bit-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcups2-2.4.2-7.1.ppc64le",
"product": {
"name": "libcups2-2.4.2-7.1.ppc64le",
"product_id": "libcups2-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcups2-32bit-2.4.2-7.1.ppc64le",
"product": {
"name": "libcups2-32bit-2.4.2-7.1.ppc64le",
"product_id": "libcups2-32bit-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.4.2-7.1.ppc64le",
"product": {
"name": "libcupsimage2-2.4.2-7.1.ppc64le",
"product_id": "libcupsimage2-2.4.2-7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"product": {
"name": "libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"product_id": "libcupsimage2-32bit-2.4.2-7.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.4.2-7.1.s390x",
"product": {
"name": "cups-2.4.2-7.1.s390x",
"product_id": "cups-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-client-2.4.2-7.1.s390x",
"product": {
"name": "cups-client-2.4.2-7.1.s390x",
"product_id": "cups-client-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-config-2.4.2-7.1.s390x",
"product": {
"name": "cups-config-2.4.2-7.1.s390x",
"product_id": "cups-config-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.4.2-7.1.s390x",
"product": {
"name": "cups-ddk-2.4.2-7.1.s390x",
"product_id": "cups-ddk-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-devel-2.4.2-7.1.s390x",
"product": {
"name": "cups-devel-2.4.2-7.1.s390x",
"product_id": "cups-devel-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-devel-32bit-2.4.2-7.1.s390x",
"product": {
"name": "cups-devel-32bit-2.4.2-7.1.s390x",
"product_id": "cups-devel-32bit-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "libcups2-2.4.2-7.1.s390x",
"product": {
"name": "libcups2-2.4.2-7.1.s390x",
"product_id": "libcups2-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "libcups2-32bit-2.4.2-7.1.s390x",
"product": {
"name": "libcups2-32bit-2.4.2-7.1.s390x",
"product_id": "libcups2-32bit-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.4.2-7.1.s390x",
"product": {
"name": "libcupsimage2-2.4.2-7.1.s390x",
"product_id": "libcupsimage2-2.4.2-7.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupsimage2-32bit-2.4.2-7.1.s390x",
"product": {
"name": "libcupsimage2-32bit-2.4.2-7.1.s390x",
"product_id": "libcupsimage2-32bit-2.4.2-7.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.4.2-7.1.x86_64",
"product": {
"name": "cups-2.4.2-7.1.x86_64",
"product_id": "cups-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-client-2.4.2-7.1.x86_64",
"product": {
"name": "cups-client-2.4.2-7.1.x86_64",
"product_id": "cups-client-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-config-2.4.2-7.1.x86_64",
"product": {
"name": "cups-config-2.4.2-7.1.x86_64",
"product_id": "cups-config-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.4.2-7.1.x86_64",
"product": {
"name": "cups-ddk-2.4.2-7.1.x86_64",
"product_id": "cups-ddk-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-devel-2.4.2-7.1.x86_64",
"product": {
"name": "cups-devel-2.4.2-7.1.x86_64",
"product_id": "cups-devel-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-devel-32bit-2.4.2-7.1.x86_64",
"product": {
"name": "cups-devel-32bit-2.4.2-7.1.x86_64",
"product_id": "cups-devel-32bit-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcups2-2.4.2-7.1.x86_64",
"product": {
"name": "libcups2-2.4.2-7.1.x86_64",
"product_id": "libcups2-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcups2-32bit-2.4.2-7.1.x86_64",
"product": {
"name": "libcups2-32bit-2.4.2-7.1.x86_64",
"product_id": "libcups2-32bit-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.4.2-7.1.x86_64",
"product": {
"name": "libcupsimage2-2.4.2-7.1.x86_64",
"product_id": "libcupsimage2-2.4.2-7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-32bit-2.4.2-7.1.x86_64",
"product": {
"name": "libcupsimage2-32bit-2.4.2-7.1.x86_64",
"product_id": "libcupsimage2-32bit-2.4.2-7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64"
},
"product_reference": "cups-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-2.4.2-7.1.s390x"
},
"product_reference": "cups-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64"
},
"product_reference": "cups-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64"
},
"product_reference": "cups-client-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-client-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x"
},
"product_reference": "cups-client-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64"
},
"product_reference": "cups-client-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64"
},
"product_reference": "cups-config-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-config-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x"
},
"product_reference": "cups-config-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64"
},
"product_reference": "cups-config-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64"
},
"product_reference": "cups-ddk-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-ddk-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x"
},
"product_reference": "cups-ddk-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64"
},
"product_reference": "cups-ddk-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64"
},
"product_reference": "cups-devel-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-devel-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x"
},
"product_reference": "cups-devel-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64"
},
"product_reference": "cups-devel-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-32bit-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64"
},
"product_reference": "cups-devel-32bit-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-32bit-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le"
},
"product_reference": "cups-devel-32bit-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-32bit-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x"
},
"product_reference": "cups-devel-32bit-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-32bit-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64"
},
"product_reference": "cups-devel-32bit-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64"
},
"product_reference": "libcups2-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le"
},
"product_reference": "libcups2-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x"
},
"product_reference": "libcups2-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64"
},
"product_reference": "libcups2-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-32bit-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64"
},
"product_reference": "libcups2-32bit-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-32bit-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le"
},
"product_reference": "libcups2-32bit-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-32bit-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x"
},
"product_reference": "libcups2-32bit-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-32bit-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64"
},
"product_reference": "libcups2-32bit-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64"
},
"product_reference": "libcupsimage2-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le"
},
"product_reference": "libcupsimage2-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x"
},
"product_reference": "libcupsimage2-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64"
},
"product_reference": "libcupsimage2-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-32bit-2.4.2-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64"
},
"product_reference": "libcupsimage2-32bit-2.4.2-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-32bit-2.4.2-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le"
},
"product_reference": "libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-32bit-2.4.2-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x"
},
"product_reference": "libcupsimage2-32bit-2.4.2-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-32bit-2.4.2-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
},
"product_reference": "libcupsimage2-32bit-2.4.2-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32360"
}
],
"notes": [
{
"category": "general",
"text": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32360",
"url": "https://www.suse.com/security/cve/CVE-2023-32360"
},
{
"category": "external",
"summary": "SUSE Bug 1214254 for CVE-2023-32360",
"url": "https://bugzilla.suse.com/1214254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-4504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4504"
}
],
"notes": [
{
"category": "general",
"text": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4504",
"url": "https://www.suse.com/security/cve/CVE-2023-4504"
},
{
"category": "external",
"summary": "SUSE Bug 1215204 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1215204"
},
{
"category": "external",
"summary": "SUSE Bug 1217457 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1217457"
},
{
"category": "external",
"summary": "SUSE Bug 1217553 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1217553"
},
{
"category": "external",
"summary": "SUSE Bug 1218317 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1218317"
},
{
"category": "external",
"summary": "SUSE Bug 1218347 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1218347"
},
{
"category": "external",
"summary": "SUSE Bug 1221585 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1221585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cups-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-client-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-config-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-ddk-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:cups-devel-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcups2-32bit-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-2.4.2-7.1.x86_64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.aarch64",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.ppc64le",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.s390x",
"openSUSE Tumbleweed:libcupsimage2-32bit-2.4.2-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-4504"
}
]
}
SUSE-SU-2023:3706-1
Vulnerability from csaf_suse - Published: 2023-09-20 15:09 - Updated: 2023-09-20 15:09Summary
Security update for cups
Severity
Important
Notes
Title of the patch: Security update for cups
Description of the patch: This update for cups fixes the following issues:
- CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing (bsc#1215204).
- CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient() (bsc#1212230).
- CVE-2023-32360: Fixed information leak through Cups-Get-Document operation (bsc#1214254).
Patchnames: SUSE-2023-3706,SUSE-OpenStack-Cloud-9-2023-3706,SUSE-OpenStack-Cloud-Crowbar-9-2023-3706,SUSE-SLE-SAP-12-SP4-2023-3706,SUSE-SLE-SDK-12-SP5-2023-3706,SUSE-SLE-SERVER-12-SP2-BCL-2023-3706,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-3706,SUSE-SLE-SERVER-12-SP4-LTSS-2023-3706,SUSE-SLE-SERVER-12-SP5-2023-3706
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
76 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
76 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
76 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cups",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cups fixes the following issues:\n\n- CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing (bsc#1215204).\n- CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient() (bsc#1212230).\n- CVE-2023-32360: Fixed information leak through Cups-Get-Document operation (bsc#1214254).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3706,SUSE-OpenStack-Cloud-9-2023-3706,SUSE-OpenStack-Cloud-Crowbar-9-2023-3706,SUSE-SLE-SAP-12-SP4-2023-3706,SUSE-SLE-SDK-12-SP5-2023-3706,SUSE-SLE-SERVER-12-SP2-BCL-2023-3706,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-3706,SUSE-SLE-SERVER-12-SP4-LTSS-2023-3706,SUSE-SLE-SERVER-12-SP5-2023-3706",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3706-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3706-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233706-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3706-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016254.html"
},
{
"category": "self",
"summary": "SUSE Bug 1212230",
"url": "https://bugzilla.suse.com/1212230"
},
{
"category": "self",
"summary": "SUSE Bug 1214254",
"url": "https://bugzilla.suse.com/1214254"
},
{
"category": "self",
"summary": "SUSE Bug 1215204",
"url": "https://bugzilla.suse.com/1215204"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32360 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-34241 page",
"url": "https://www.suse.com/security/cve/CVE-2023-34241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4504 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4504/"
}
],
"title": "Security update for cups",
"tracking": {
"current_release_date": "2023-09-20T15:09:35Z",
"generator": {
"date": "2023-09-20T15:09:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3706-1",
"initial_release_date": "2023-09-20T15:09:35Z",
"revision_history": [
{
"date": "2023-09-20T15:09:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.aarch64",
"product": {
"name": "cups-1.7.5-20.46.1.aarch64",
"product_id": "cups-1.7.5-20.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.aarch64",
"product": {
"name": "cups-client-1.7.5-20.46.1.aarch64",
"product_id": "cups-client-1.7.5-20.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.aarch64",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.aarch64",
"product_id": "cups-ddk-1.7.5-20.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.aarch64",
"product": {
"name": "cups-devel-1.7.5-20.46.1.aarch64",
"product_id": "cups-devel-1.7.5-20.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.aarch64",
"product": {
"name": "cups-libs-1.7.5-20.46.1.aarch64",
"product_id": "cups-libs-1.7.5-20.46.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-libs-64bit-1.7.5-20.46.1.aarch64_ilp32",
"product": {
"name": "cups-libs-64bit-1.7.5-20.46.1.aarch64_ilp32",
"product_id": "cups-libs-64bit-1.7.5-20.46.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.i586",
"product": {
"name": "cups-1.7.5-20.46.1.i586",
"product_id": "cups-1.7.5-20.46.1.i586"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.i586",
"product": {
"name": "cups-client-1.7.5-20.46.1.i586",
"product_id": "cups-client-1.7.5-20.46.1.i586"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.i586",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.i586",
"product_id": "cups-ddk-1.7.5-20.46.1.i586"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.i586",
"product": {
"name": "cups-devel-1.7.5-20.46.1.i586",
"product_id": "cups-devel-1.7.5-20.46.1.i586"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.i586",
"product": {
"name": "cups-libs-1.7.5-20.46.1.i586",
"product_id": "cups-libs-1.7.5-20.46.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.ppc64le",
"product": {
"name": "cups-1.7.5-20.46.1.ppc64le",
"product_id": "cups-1.7.5-20.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.ppc64le",
"product": {
"name": "cups-client-1.7.5-20.46.1.ppc64le",
"product_id": "cups-client-1.7.5-20.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.ppc64le",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.ppc64le",
"product_id": "cups-ddk-1.7.5-20.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.ppc64le",
"product": {
"name": "cups-devel-1.7.5-20.46.1.ppc64le",
"product_id": "cups-devel-1.7.5-20.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.ppc64le",
"product": {
"name": "cups-libs-1.7.5-20.46.1.ppc64le",
"product_id": "cups-libs-1.7.5-20.46.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.s390",
"product": {
"name": "cups-1.7.5-20.46.1.s390",
"product_id": "cups-1.7.5-20.46.1.s390"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.s390",
"product": {
"name": "cups-client-1.7.5-20.46.1.s390",
"product_id": "cups-client-1.7.5-20.46.1.s390"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.s390",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.s390",
"product_id": "cups-ddk-1.7.5-20.46.1.s390"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.s390",
"product": {
"name": "cups-devel-1.7.5-20.46.1.s390",
"product_id": "cups-devel-1.7.5-20.46.1.s390"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.s390",
"product": {
"name": "cups-libs-1.7.5-20.46.1.s390",
"product_id": "cups-libs-1.7.5-20.46.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-1.7.5-20.46.1.s390x",
"product_id": "cups-1.7.5-20.46.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-client-1.7.5-20.46.1.s390x",
"product_id": "cups-client-1.7.5-20.46.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.s390x",
"product_id": "cups-ddk-1.7.5-20.46.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-devel-1.7.5-20.46.1.s390x",
"product_id": "cups-devel-1.7.5-20.46.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-libs-1.7.5-20.46.1.s390x",
"product_id": "cups-libs-1.7.5-20.46.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.7.5-20.46.1.s390x",
"product": {
"name": "cups-libs-32bit-1.7.5-20.46.1.s390x",
"product_id": "cups-libs-32bit-1.7.5-20.46.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-1.7.5-20.46.1.x86_64",
"product_id": "cups-1.7.5-20.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-client-1.7.5-20.46.1.x86_64",
"product_id": "cups-client-1.7.5-20.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-ddk-1.7.5-20.46.1.x86_64",
"product_id": "cups-ddk-1.7.5-20.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-devel-1.7.5-20.46.1.x86_64",
"product_id": "cups-devel-1.7.5-20.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-libs-1.7.5-20.46.1.x86_64",
"product_id": "cups-libs-1.7.5-20.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"product": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"product_id": "cups-libs-32bit-1.7.5-20.46.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-espos:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-ddk-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-ddk-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-ddk-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-ddk-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-devel-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-devel-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-devel-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-devel-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-client-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-client-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-client-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.46.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32360"
}
],
"notes": [
{
"category": "general",
"text": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32360",
"url": "https://www.suse.com/security/cve/CVE-2023-32360"
},
{
"category": "external",
"summary": "SUSE Bug 1214254 for CVE-2023-32360",
"url": "https://bugzilla.suse.com/1214254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-20T15:09:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-34241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-34241"
}
],
"notes": [
{
"category": "general",
"text": "OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.\n\nThe exact cause of this issue is the function `httpClose(con-\u003ehttp)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.\n\nVersion 2.4.6 has a patch for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-34241",
"url": "https://www.suse.com/security/cve/CVE-2023-34241"
},
{
"category": "external",
"summary": "SUSE Bug 1212230 for CVE-2023-34241",
"url": "https://bugzilla.suse.com/1212230"
},
{
"category": "external",
"summary": "SUSE Bug 1217457 for CVE-2023-34241",
"url": "https://bugzilla.suse.com/1217457"
},
{
"category": "external",
"summary": "SUSE Bug 1218317 for CVE-2023-34241",
"url": "https://bugzilla.suse.com/1218317"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-20T15:09:35Z",
"details": "important"
}
],
"title": "CVE-2023-34241"
},
{
"cve": "CVE-2023-4504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4504"
}
],
"notes": [
{
"category": "general",
"text": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4504",
"url": "https://www.suse.com/security/cve/CVE-2023-4504"
},
{
"category": "external",
"summary": "SUSE Bug 1215204 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1215204"
},
{
"category": "external",
"summary": "SUSE Bug 1217457 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1217457"
},
{
"category": "external",
"summary": "SUSE Bug 1217553 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1217553"
},
{
"category": "external",
"summary": "SUSE Bug 1218317 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1218317"
},
{
"category": "external",
"summary": "SUSE Bug 1218347 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1218347"
},
{
"category": "external",
"summary": "SUSE Bug 1221585 for CVE-2023-4504",
"url": "https://bugzilla.suse.com/1221585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-ESPOS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-client-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-ddk-1.7.5-20.46.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cups-devel-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud 9:cups-libs-32bit-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-client-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-1.7.5-20.46.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cups-libs-32bit-1.7.5-20.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-20T15:09:35Z",
"details": "important"
}
],
"title": "CVE-2023-4504"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…