{"url":"http://public2.vulnerablecode.io/api/packages/505136?format=json","purl":"pkg:ebuild/net-print/cups@1.2.12-r7","type":"ebuild","namespace":"net-print","name":"cups","version":"1.2.12-r7","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.2.12-r8","latest_non_vulnerable_version":"3.01-r2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65526?format=json","vulnerability_id":"VCID-3533-y9b8-4bhw","summary":"Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer.  NOTE: some of these details are obtained from third party information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0882.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0882.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0882","reference_id":"","reference_type":"","scores":[{"value":"0.23075","scoring_system":"epss","scoring_elements":"0.96025","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23075","scoring_system":"epss","scoring_elements":"0.96029","published_at":"2026-06-05T12:55:00Z"},{"value":"0.23075","scoring_system":"epss","scoring_elements":"0.96033","published_at":"2026-06-06T12:55:00Z"},{"value":"0.23075","scoring_system":"epss","scoring_elements":"0.96034","published_at":"2026-06-08T12:55:00Z"},{"value":"0.23075","scoring_system":"epss","scoring_elements":"0.96039","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=433758","reference_id":"433758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=433758"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467653","reference_id":"467653","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467653"},{"reference_url":"https://security.gentoo.org/glsa/200804-01","reference_id":"GLSA-200804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0157","reference_id":"RHSA-2008:0157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0157"},{"reference_url":"https://usn.ubuntu.com/598-1/","reference_id":"USN-598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/598-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/505136?format=json","purl":"pkg:ebuild/net-print/cups@1.2.12-r7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.2.12-r7"}],"aliases":["CVE-2008-0882"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3533-y9b8-4bhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65522?format=json","vulnerability_id":"VCID-3gfh-tvv4-4ybh","summary":"Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0047.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0047.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0047","reference_id":"","reference_type":"","scores":[{"value":"0.25276","scoring_system":"epss","scoring_elements":"0.96303","published_at":"2026-06-04T12:55:00Z"},{"value":"0.25276","scoring_system":"epss","scoring_elements":"0.96307","published_at":"2026-06-05T12:55:00Z"},{"value":"0.25276","scoring_system":"epss","scoring_elements":"0.9631","published_at":"2026-06-07T12:55:00Z"},{"value":"0.25276","scoring_system":"epss","scoring_elements":"0.96311","published_at":"2026-06-08T12:55:00Z"},{"value":"0.25276","scoring_system":"epss","scoring_elements":"0.96316","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=436153","reference_id":"436153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=436153"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472105","reference_id":"472105","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472105"},{"reference_url":"https://security.gentoo.org/glsa/200804-01","reference_id":"GLSA-200804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0192","reference_id":"RHSA-2008:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0192"},{"reference_url":"https://usn.ubuntu.com/598-1/","reference_id":"USN-598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/598-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/505136?format=json","purl":"pkg:ebuild/net-print/cups@1.2.12-r7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.2.12-r7"}],"aliases":["CVE-2008-0047"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gfh-tvv4-4ybh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65528?format=json","vulnerability_id":"VCID-f9cs-s6cm-zbgg","summary":"Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1373.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1373.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1373","reference_id":"","reference_type":"","scores":[{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91943","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91956","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91957","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91954","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91955","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07511","scoring_system":"epss","scoring_elements":"0.91969","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=438303","reference_id":"438303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=438303"},{"reference_url":"https://security.gentoo.org/glsa/200804-01","reference_id":"GLSA-200804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0192","reference_id":"RHSA-2008:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0206","reference_id":"RHSA-2008:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0206"},{"reference_url":"https://usn.ubuntu.com/598-1/","reference_id":"USN-598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/598-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/505136?format=json","purl":"pkg:ebuild/net-print/cups@1.2.12-r7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.2.12-r7"}],"aliases":["CVE-2008-1373"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cs-s6cm-zbgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65523?format=json","vulnerability_id":"VCID-v6uv-14s2-63ev","summary":"Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0053","reference_id":"","reference_type":"","scores":[{"value":"0.27566","scoring_system":"epss","scoring_elements":"0.96524","published_at":"2026-06-04T12:55:00Z"},{"value":"0.27566","scoring_system":"epss","scoring_elements":"0.96526","published_at":"2026-06-05T12:55:00Z"},{"value":"0.27566","scoring_system":"epss","scoring_elements":"0.9653","published_at":"2026-06-08T12:55:00Z"},{"value":"0.27566","scoring_system":"epss","scoring_elements":"0.96535","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=438117","reference_id":"438117","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=438117"},{"reference_url":"https://security.gentoo.org/glsa/200804-01","reference_id":"GLSA-200804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0192","reference_id":"RHSA-2008:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0206","reference_id":"RHSA-2008:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0206"},{"reference_url":"https://usn.ubuntu.com/598-1/","reference_id":"USN-598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/598-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/505136?format=json","purl":"pkg:ebuild/net-print/cups@1.2.12-r7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.2.12-r7"}],"aliases":["CVE-2008-0053"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6uv-14s2-63ev"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.2.12-r7"}