rpm package
suse/cups&distro=SUSE Linux Enterprise Server 12 SP3
pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-4183 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | ||
| CVE-2018-4182 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. | ||
| CVE-2018-4181 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | ||
| CVE-2018-4180 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | ||
| CVE-2017-18248 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Mar 26, 2018 | The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. | ||
| CVE-2017-18190 | — | < 1.7.5-20.3.1 | 1.7.5-20.3.1 | Feb 16, 2018 | A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often reso |
- CVE-2018-4183Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
- CVE-2018-4182Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
- CVE-2018-4181Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
- CVE-2018-4180Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
- CVE-2017-18248Mar 26, 2018affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
- CVE-2017-18190Feb 16, 2018affected < 1.7.5-20.3.1fixed 1.7.5-20.3.1
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often reso