rpm package
suse/cups&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34990 | Hig | 7.8 | < 2.2.7-150000.3.86.1 | 2.2.7-150000.3.86.1 | Apr 3, 2026 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local . | |
| CVE-2025-58364 | — | < 2.2.7-150000.3.72.1 | 2.2.7-150000.3.72.1 | Sep 11, 2025 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability a | ||
| CVE-2025-58060 | — | < 2.2.7-150000.3.72.1 | 2.2.7-150000.3.72.1 | Sep 11, 2025 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This | ||
| CVE-2024-47175 | — | < 2.2.7-150000.3.72.1 | 2.2.7-150000.3.72.1 | Sep 26, 2024 | CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPr | ||
| CVE-2024-35235 | — | < 2.2.7-150000.3.59.1 | 2.2.7-150000.3.59.1 | Jun 11, 2024 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary |
- affected < 2.2.7-150000.3.86.1fixed 2.2.7-150000.3.86.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local .
- CVE-2025-58364Sep 11, 2025affected < 2.2.7-150000.3.72.1fixed 2.2.7-150000.3.72.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability a
- CVE-2025-58060Sep 11, 2025affected < 2.2.7-150000.3.72.1fixed 2.2.7-150000.3.72.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This
- CVE-2024-47175Sep 26, 2024affected < 2.2.7-150000.3.72.1fixed 2.2.7-150000.3.72.1
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPr
- CVE-2024-35235Jun 11, 2024affected < 2.2.7-150000.3.59.1fixed 2.2.7-150000.3.59.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary