rpm package
suse/cups&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-25317 | — | < 1.7.5-20.36.1 | 1.7.5-20.36.1 | May 5, 2021 | A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root wit | ||
| CVE-2019-8696 | — | < 1.7.5-20.26.1 | 1.7.5-20.26.1 | Oct 27, 2020 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. | ||
| CVE-2019-8675 | — | < 1.7.5-20.26.1 | 1.7.5-20.26.1 | Oct 27, 2020 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. | ||
| CVE-2020-3898 | — | < 1.7.5-20.29.1 | 1.7.5-20.29.1 | Oct 22, 2020 | A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges. | ||
| CVE-2018-4183 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | ||
| CVE-2018-4182 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. | ||
| CVE-2018-4181 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | ||
| CVE-2018-4180 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | ||
| CVE-2017-18248 | — | < 1.7.5-20.14.1 | 1.7.5-20.14.1 | Mar 26, 2018 | The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. | ||
| CVE-2017-18190 | — | < 1.7.5-20.3.1 | 1.7.5-20.3.1 | Feb 16, 2018 | A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often reso |
- CVE-2021-25317May 5, 2021affected < 1.7.5-20.36.1fixed 1.7.5-20.36.1
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root wit
- CVE-2019-8696Oct 27, 2020affected < 1.7.5-20.26.1fixed 1.7.5-20.26.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
- CVE-2019-8675Oct 27, 2020affected < 1.7.5-20.26.1fixed 1.7.5-20.26.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
- CVE-2020-3898Oct 22, 2020affected < 1.7.5-20.29.1fixed 1.7.5-20.29.1
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
- CVE-2018-4183Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
- CVE-2018-4182Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
- CVE-2018-4181Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
- CVE-2018-4180Jan 11, 2019affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
- CVE-2017-18248Mar 26, 2018affected < 1.7.5-20.14.1fixed 1.7.5-20.14.1
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
- CVE-2017-18190Feb 16, 2018affected < 1.7.5-20.3.1fixed 1.7.5-20.3.1
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often reso