rpm package
suse/cups&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34990 | Hig | 7.8 | < 1.7.5-20.62.1 | 1.7.5-20.62.1 | Apr 3, 2026 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local . | |
| CVE-2026-34980 | Hig | 7.5 | < 1.7.5-20.62.1 | 1.7.5-20.62.1 | Apr 3, 2026 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentica | |
| CVE-2025-61915 | — | < 1.7.5-20.57.1 | 1.7.5-20.57.1 | Nov 29, 2025 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse | ||
| CVE-2025-58364 | — | < 1.7.5-20.54.1 | 1.7.5-20.54.1 | Sep 11, 2025 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability a | ||
| CVE-2025-58060 | — | < 1.7.5-20.54.1 | 1.7.5-20.54.1 | Sep 11, 2025 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This |
- affected < 1.7.5-20.62.1fixed 1.7.5-20.62.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local .
- affected < 1.7.5-20.62.1fixed 1.7.5-20.62.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentica
- CVE-2025-61915Nov 29, 2025affected < 1.7.5-20.57.1fixed 1.7.5-20.57.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse
- CVE-2025-58364Sep 11, 2025affected < 1.7.5-20.54.1fixed 1.7.5-20.54.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability a
- CVE-2025-58060Sep 11, 2025affected < 1.7.5-20.54.1fixed 1.7.5-20.54.1
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This