Vasion Print (formerly PrinterLogic) Use of Outdated, End-Of-Life, and Vulnerable Third-Party Components
Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components (examples: Nginx 1.17.x, OpenSSL 1.1.1d, various EOL Alpine/Debian/Ubuntu base images, and EOL Laravel/PHP libraries). These components are present across many container images and increase the product's attack surface, enabling exploitation chains when leveraged by an attacker. Multiple distinct EOL versions and unpatched libraries across containers; Nginx binaries date from 2019 in several images and Laravel versions observed include EOL releases (for example Laravel 5.5.x, 5.7.x, 5.8.x). This vulnerability has been identified by the vendor as: V-2024-014 — Outdated Dependencies.
Affected products
4- Range: <20.0.2614
- Range: <22.0.1002
- Vasion/Print Applicationv5Range: *
- Vasion/Print Virtual Appliance Hostv5Range: *
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htmmitrevendor-advisorypatch
- www.vulncheck.com/advisories/vasion-print-printerlogic-use-of-outdated-eol-vulnerable-third-party-componentsmitrethird-party-advisory
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.htmlmitretechnical-description
News mentions
0No linked articles in our index yet.