Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-f6n6-k5ye-3ugq
Summarycups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
Aliases
0
alias CVE-2024-47076
Fixed_packages
0
url pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2
purl pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2
5
url pkg:deb/debian/cups-filters@1.28.17-5?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.17-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-5%3Fdistro=trixie
6
url pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-6%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie
purl pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-7%3Fdistro=trixie
8
url pkg:deb/debian/libcupsfilters@2.0.0-3?distro=trixie
purl pkg:deb/debian/libcupsfilters@2.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.0.0-3%3Fdistro=trixie
9
url pkg:deb/debian/libcupsfilters@2.0.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/libcupsfilters@2.0.0-3%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.0.0-3%252Bdeb13u1%3Fdistro=trixie
10
url pkg:deb/debian/libcupsfilters@2.1.1-2?distro=trixie
purl pkg:deb/debian/libcupsfilters@2.1.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.1.1-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/cups-filters@1.0.18-2.1%2Bdeb7u2
purl pkg:deb/debian/cups-filters@1.0.18-2.1%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3317-h26p-43ef
1
vulnerability VCID-39f1-22a5-c7aw
2
vulnerability VCID-4bxg-5tnm-y3hw
3
vulnerability VCID-581d-k9k6-rke4
4
vulnerability VCID-6qd1-jvb8-jqak
5
vulnerability VCID-7xq5-z572-xub3
6
vulnerability VCID-843p-8xve-nfer
7
vulnerability VCID-8vd7-dfbu-23d4
8
vulnerability VCID-9dsn-96eh-bbh4
9
vulnerability VCID-bgm5-bmfa-yugq
10
vulnerability VCID-cne2-7ev5-abgv
11
vulnerability VCID-dvvu-6p49-vbhz
12
vulnerability VCID-ed99-uccv-d7bh
13
vulnerability VCID-f6n6-k5ye-3ugq
14
vulnerability VCID-jvcy-2qyh-jqg4
15
vulnerability VCID-mcmb-bvw9-dba5
16
vulnerability VCID-rcep-az2v-1yab
17
vulnerability VCID-uz2u-k3vm-w3c2
18
vulnerability VCID-vunm-ehd2-yugs
19
vulnerability VCID-vzgv-8drt-8yd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.18-2.1%252Bdeb7u2
1
url pkg:deb/debian/cups-filters@1.0.61-5
purl pkg:deb/debian/cups-filters@1.0.61-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3317-h26p-43ef
1
vulnerability VCID-39f1-22a5-c7aw
2
vulnerability VCID-6qd1-jvb8-jqak
3
vulnerability VCID-7xq5-z572-xub3
4
vulnerability VCID-9dsn-96eh-bbh4
5
vulnerability VCID-ed99-uccv-d7bh
6
vulnerability VCID-f6n6-k5ye-3ugq
7
vulnerability VCID-jvcy-2qyh-jqg4
8
vulnerability VCID-rcep-az2v-1yab
9
vulnerability VCID-uz2u-k3vm-w3c2
10
vulnerability VCID-vzgv-8drt-8yd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.61-5
2
url pkg:deb/debian/cups-filters@1.0.61-5%2Bdeb8u3
purl pkg:deb/debian/cups-filters@1.0.61-5%2Bdeb8u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3317-h26p-43ef
1
vulnerability VCID-39f1-22a5-c7aw
2
vulnerability VCID-6qd1-jvb8-jqak
3
vulnerability VCID-7xq5-z572-xub3
4
vulnerability VCID-9dsn-96eh-bbh4
5
vulnerability VCID-ed99-uccv-d7bh
6
vulnerability VCID-f6n6-k5ye-3ugq
7
vulnerability VCID-jvcy-2qyh-jqg4
8
vulnerability VCID-rcep-az2v-1yab
9
vulnerability VCID-uz2u-k3vm-w3c2
10
vulnerability VCID-vzgv-8drt-8yd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.61-5%252Bdeb8u3
3
url pkg:deb/debian/cups-filters@1.11.6-3%2Bdeb9u1
purl pkg:deb/debian/cups-filters@1.11.6-3%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qd1-jvb8-jqak
1
vulnerability VCID-7xq5-z572-xub3
2
vulnerability VCID-f6n6-k5ye-3ugq
3
vulnerability VCID-jvcy-2qyh-jqg4
4
vulnerability VCID-rcep-az2v-1yab
5
vulnerability VCID-vzgv-8drt-8yd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.11.6-3%252Bdeb9u1
4
url pkg:deb/debian/cups-filters@1.21.6-5
purl pkg:deb/debian/cups-filters@1.21.6-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qd1-jvb8-jqak
1
vulnerability VCID-7xq5-z572-xub3
2
vulnerability VCID-f6n6-k5ye-3ugq
3
vulnerability VCID-jvcy-2qyh-jqg4
4
vulnerability VCID-rcep-az2v-1yab
5
vulnerability VCID-vzgv-8drt-8yd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.21.6-5
5
url pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2
purl pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qd1-jvb8-jqak
1
vulnerability VCID-7xq5-z572-xub3
2
vulnerability VCID-f6n6-k5ye-3ugq
3
vulnerability VCID-jvcy-2qyh-jqg4
4
vulnerability VCID-rcep-az2v-1yab
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2
6
url pkg:rpm/redhat/cups-filters@1.0.35-26.el7_7?arch=3
purl pkg:rpm/redhat/cups-filters@1.0.35-26.el7_7?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.0.35-26.el7_7%3Farch=3
7
url pkg:rpm/redhat/cups-filters@1.0.35-29.el7_9?arch=3
purl pkg:rpm/redhat/cups-filters@1.0.35-29.el7_9?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.0.35-29.el7_9%3Farch=3
8
url pkg:rpm/redhat/cups-filters@1.20.0-19.el8_2?arch=2
purl pkg:rpm/redhat/cups-filters@1.20.0-19.el8_2?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-19.el8_2%3Farch=2
9
url pkg:rpm/redhat/cups-filters@1.20.0-24.el8_4?arch=2
purl pkg:rpm/redhat/cups-filters@1.20.0-24.el8_4?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-24.el8_4%3Farch=2
10
url pkg:rpm/redhat/cups-filters@1.20.0-27.el8_6?arch=3
purl pkg:rpm/redhat/cups-filters@1.20.0-27.el8_6?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-27.el8_6%3Farch=3
11
url pkg:rpm/redhat/cups-filters@1.20.0-29.el8_8?arch=3
purl pkg:rpm/redhat/cups-filters@1.20.0-29.el8_8?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-29.el8_8%3Farch=3
12
url pkg:rpm/redhat/cups-filters@1.20.0-35?arch=el8_10
purl pkg:rpm/redhat/cups-filters@1.20.0-35?arch=el8_10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-35%3Farch=el8_10
13
url pkg:rpm/redhat/cups-filters@1.28.7-10.el9_0?arch=2
purl pkg:rpm/redhat/cups-filters@1.28.7-10.el9_0?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-10.el9_0%3Farch=2
14
url pkg:rpm/redhat/cups-filters@1.28.7-11.el9_2?arch=2
purl pkg:rpm/redhat/cups-filters@1.28.7-11.el9_2?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-11.el9_2%3Farch=2
15
url pkg:rpm/redhat/cups-filters@1.28.7-17?arch=el9_4
purl pkg:rpm/redhat/cups-filters@1.28.7-17?arch=el9_4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am36-6m5v-fkba
1
vulnerability VCID-f6n6-k5ye-3ugq
2
vulnerability VCID-jvcy-2qyh-jqg4
3
vulnerability VCID-n7d3-6m3d-gbf3
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-17%3Farch=el9_4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47076.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47076.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47076
reference_id
reference_type
scores
0
value 0.73875
scoring_system epss
scoring_elements 0.98827
published_at 2026-04-18T12:55:00Z
1
value 0.73875
scoring_system epss
scoring_elements 0.98825
published_at 2026-04-16T12:55:00Z
2
value 0.73875
scoring_system epss
scoring_elements 0.98821
published_at 2026-04-13T12:55:00Z
3
value 0.73875
scoring_system epss
scoring_elements 0.9882
published_at 2026-04-12T12:55:00Z
4
value 0.73875
scoring_system epss
scoring_elements 0.98819
published_at 2026-04-11T12:55:00Z
5
value 0.73875
scoring_system epss
scoring_elements 0.98817
published_at 2026-04-09T12:55:00Z
6
value 0.73875
scoring_system epss
scoring_elements 0.98813
published_at 2026-04-04T12:55:00Z
7
value 0.73875
scoring_system epss
scoring_elements 0.98816
published_at 2026-04-07T12:55:00Z
8
value 0.74242
scoring_system epss
scoring_elements 0.98849
published_at 2026-04-21T12:55:00Z
9
value 0.74242
scoring_system epss
scoring_elements 0.9883
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47076
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47076
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082821
reference_id 1082821
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082821
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082827
reference_id 1082827
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082827
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2314253
reference_id 2314253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2314253
7
reference_url https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I
reference_id Attacking-UNIX-systems-via-CUPS-Part-I
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I
8
reference_url https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
reference_id GHSA-7xfx-47qg-grp6
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
9
reference_url https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
reference_id GHSA-p9rh-jxmq-gq47
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
10
reference_url https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
reference_id GHSA-rj88-6mr5-rcw8
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
11
reference_url https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
reference_id GHSA-w63j-6g73-wmg5
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
12
reference_url https://access.redhat.com/errata/RHSA-2024:7346
reference_id RHSA-2024:7346
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7346
13
reference_url https://access.redhat.com/errata/RHSA-2024:7461
reference_id RHSA-2024:7461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7461
14
reference_url https://access.redhat.com/errata/RHSA-2024:7462
reference_id RHSA-2024:7462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7462
15
reference_url https://access.redhat.com/errata/RHSA-2024:7463
reference_id RHSA-2024:7463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7463
16
reference_url https://access.redhat.com/errata/RHSA-2024:7503
reference_id RHSA-2024:7503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7503
17
reference_url https://access.redhat.com/errata/RHSA-2024:7504
reference_id RHSA-2024:7504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7504
18
reference_url https://access.redhat.com/errata/RHSA-2024:7506
reference_id RHSA-2024:7506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7506
19
reference_url https://access.redhat.com/errata/RHSA-2024:7551
reference_id RHSA-2024:7551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7551
20
reference_url https://access.redhat.com/errata/RHSA-2024:7553
reference_id RHSA-2024:7553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7553
21
reference_url https://access.redhat.com/errata/RHSA-2024:7623
reference_id RHSA-2024:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7623
22
reference_url https://usn.ubuntu.com/7043-1/
reference_id USN-7043-1
reference_type
scores
url https://usn.ubuntu.com/7043-1/
23
reference_url https://usn.ubuntu.com/7043-4/
reference_id USN-7043-4
reference_type
scores
url https://usn.ubuntu.com/7043-4/
24
reference_url https://usn.ubuntu.com/7044-1/
reference_id USN-7044-1
reference_type
scores
url https://usn.ubuntu.com/7044-1/
25
reference_url https://www.cups.org
reference_id www.cups.org
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/
url https://www.cups.org
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
0
date_added null
description 
This module exploits vulnerabilities in OpenPrinting CUPS, which is running by
          default on most Linux distributions. The vulnerabilities allow an attacker on
          the LAN to advertise a malicious printer that triggers remote code execution
          when a victim sends a print job to the malicious printer. Successful exploitation
          requires user interaction, but no CUPS services need to be reachable via accessible
          ports. Code execution occurs in the context of the lp user. Affected versions
          are cups-browsed <= 2.0.1, libcupsfilters <= 2.1b1, libppd <= 2.1b1, and
          cups-filters <= 2.0.1.
required_action null
due_date null
notes 
Stability:
  - crash-safe
Reliability:
  - event-dependent
SideEffects:
  - ioc-in-logs
  - artifacts-on-disk
known_ransomware_campaign_use false
source_date_published 2024-09-26
exploit_type null
platform Linux,Unix
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/misc/cups_ipp_remote_code_execution.rb
Severity_range_score7.5 - 8.6
Exploitability2.0
Weighted_severity7.7
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-f6n6-k5ye-3ugq