{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73814?format=json","vulnerability_id":"VCID-f6n6-k5ye-3ugq","summary":"cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes","aliases":[{"alias":"CVE-2024-47076"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582542?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584172?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584173?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582543?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1055802?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/584174?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582544?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-6%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582545?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/927144?format=json","purl":"pkg:deb/debian/libcupsfilters@2.0.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.0.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/927145?format=json","purl":"pkg:deb/debian/libcupsfilters@2.0.0-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.0.0-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/927143?format=json","purl":"pkg:deb/debian/libcupsfilters@2.1.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcupsfilters@2.1.1-2%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035664?format=json","purl":"pkg:deb/debian/cups-filters@1.0.18-2.1%2Bdeb7u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3317-h26p-43ef"},{"vulnerability":"VCID-39f1-22a5-c7aw"},{"vulnerability":"VCID-4bxg-5tnm-y3hw"},{"vulnerability":"VCID-581d-k9k6-rke4"},{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-843p-8xve-nfer"},{"vulnerability":"VCID-8vd7-dfbu-23d4"},{"vulnerability":"VCID-9dsn-96eh-bbh4"},{"vulnerability":"VCID-bgm5-bmfa-yugq"},{"vulnerability":"VCID-cne2-7ev5-abgv"},{"vulnerability":"VCID-dvvu-6p49-vbhz"},{"vulnerability":"VCID-ed99-uccv-d7bh"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-mcmb-bvw9-dba5"},{"vulnerability":"VCID-rcep-az2v-1yab"},{"vulnerability":"VCID-uz2u-k3vm-w3c2"},{"vulnerability":"VCID-vunm-ehd2-yugs"},{"vulnerability":"VCID-vzgv-8drt-8yd5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.18-2.1%252Bdeb7u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035665?format=json","purl":"pkg:deb/debian/cups-filters@1.0.61-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3317-h26p-43ef"},{"vulnerability":"VCID-39f1-22a5-c7aw"},{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-9dsn-96eh-bbh4"},{"vulnerability":"VCID-ed99-uccv-d7bh"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-rcep-az2v-1yab"},{"vulnerability":"VCID-uz2u-k3vm-w3c2"},{"vulnerability":"VCID-vzgv-8drt-8yd5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.61-5"},{"url":"http://public2.vulnerablecode.io/api/packages/1035666?format=json","purl":"pkg:deb/debian/cups-filters@1.0.61-5%2Bdeb8u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3317-h26p-43ef"},{"vulnerability":"VCID-39f1-22a5-c7aw"},{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-9dsn-96eh-bbh4"},{"vulnerability":"VCID-ed99-uccv-d7bh"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-rcep-az2v-1yab"},{"vulnerability":"VCID-uz2u-k3vm-w3c2"},{"vulnerability":"VCID-vzgv-8drt-8yd5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.0.61-5%252Bdeb8u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037516?format=json","purl":"pkg:deb/debian/cups-filters@1.11.6-3%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-rcep-az2v-1yab"},{"vulnerability":"VCID-vzgv-8drt-8yd5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.11.6-3%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049456?format=json","purl":"pkg:deb/debian/cups-filters@1.21.6-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-rcep-az2v-1yab"},{"vulnerability":"VCID-vzgv-8drt-8yd5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.21.6-5"},{"url":"http://public2.vulnerablecode.io/api/packages/1049457?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qd1-jvb8-jqak"},{"vulnerability":"VCID-7xq5-z572-xub3"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-rcep-az2v-1yab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/92294?format=json","purl":"pkg:rpm/redhat/cups-filters@1.0.35-26.el7_7?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.0.35-26.el7_7%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/92288?format=json","purl":"pkg:rpm/redhat/cups-filters@1.0.35-29.el7_9?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.0.35-29.el7_9%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/92295?format=json","purl":"pkg:rpm/redhat/cups-filters@1.20.0-19.el8_2?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-19.el8_2%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/92292?format=json","purl":"pkg:rpm/redhat/cups-filters@1.20.0-24.el8_4?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-24.el8_4%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/92297?format=json","purl":"pkg:rpm/redhat/cups-filters@1.20.0-27.el8_6?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-27.el8_6%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/92293?format=json","purl":"pkg:rpm/redhat/cups-filters@1.20.0-29.el8_8?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-29.el8_8%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/92291?format=json","purl":"pkg:rpm/redhat/cups-filters@1.20.0-35?arch=el8_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.20.0-35%3Farch=el8_10"},{"url":"http://public2.vulnerablecode.io/api/packages/92290?format=json","purl":"pkg:rpm/redhat/cups-filters@1.28.7-10.el9_0?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-10.el9_0%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/92289?format=json","purl":"pkg:rpm/redhat/cups-filters@1.28.7-11.el9_2?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-11.el9_2%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/92296?format=json","purl":"pkg:rpm/redhat/cups-filters@1.28.7-17?arch=el9_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am36-6m5v-fkba"},{"vulnerability":"VCID-f6n6-k5ye-3ugq"},{"vulnerability":"VCID-jvcy-2qyh-jqg4"},{"vulnerability":"VCID-n7d3-6m3d-gbf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups-filters@1.28.7-17%3Farch=el9_4"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47076.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47076.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47076","reference_id":"","reference_type":"","scores":[{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98834","published_at":"2026-04-29T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98813","published_at":"2026-04-04T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98817","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.9882","published_at":"2026-04-12T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98825","published_at":"2026-04-16T12:55:00Z"},{"value":"0.73875","scoring_system":"epss","scoring_elements":"0.98827","published_at":"2026-04-18T12:55:00Z"},{"value":"0.74242","scoring_system":"epss","scoring_elements":"0.98849","published_at":"2026-04-21T12:55:00Z"},{"value":"0.74242","scoring_system":"epss","scoring_elements":"0.98853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.74242","scoring_system":"epss","scoring_elements":"0.9883","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082821","reference_id":"1082821","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082821"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082827","reference_id":"1082827","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082827"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314253","reference_id":"2314253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314253"},{"reference_url":"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I","reference_id":"Attacking-UNIX-systems-via-CUPS-Part-I","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I"},{"reference_url":"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6","reference_id":"GHSA-7xfx-47qg-grp6","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47","reference_id":"GHSA-p9rh-jxmq-gq47","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"},{"reference_url":"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8","reference_id":"GHSA-rj88-6mr5-rcw8","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"},{"reference_url":"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5","reference_id":"GHSA-w63j-6g73-wmg5","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7346","reference_id":"RHSA-2024:7346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7461","reference_id":"RHSA-2024:7461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7462","reference_id":"RHSA-2024:7462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7463","reference_id":"RHSA-2024:7463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7503","reference_id":"RHSA-2024:7503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7504","reference_id":"RHSA-2024:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7506","reference_id":"RHSA-2024:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7551","reference_id":"RHSA-2024:7551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7553","reference_id":"RHSA-2024:7553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7623","reference_id":"RHSA-2024:7623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7623"},{"reference_url":"https://usn.ubuntu.com/7043-1/","reference_id":"USN-7043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7043-1/"},{"reference_url":"https://usn.ubuntu.com/7043-4/","reference_id":"USN-7043-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7043-4/"},{"reference_url":"https://usn.ubuntu.com/7044-1/","reference_id":"USN-7044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7044-1/"},{"reference_url":"https://www.cups.org","reference_id":"www.cups.org","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:59:05Z/"}],"url":"https://www.cups.org"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[{"date_added":null,"description":"This module exploits vulnerabilities in OpenPrinting CUPS, which is running by\n          default on most Linux distributions. The vulnerabilities allow an attacker on\n          the LAN to advertise a malicious printer that triggers remote code execution\n          when a victim sends a print job to the malicious printer. Successful exploitation\n          requires user interaction, but no CUPS services need to be reachable via accessible\n          ports. Code execution occurs in the context of the lp user. Affected versions\n          are cups-browsed <= 2.0.1, libcupsfilters <= 2.1b1, libppd <= 2.1b1, and\n          cups-filters <= 2.0.1.","required_action":null,"due_date":null,"notes":"Stability:\n  - crash-safe\nReliability:\n  - event-dependent\nSideEffects:\n  - ioc-in-logs\n  - artifacts-on-disk\n","known_ransomware_campaign_use":false,"source_date_published":"2024-09-26","exploit_type":null,"platform":"Linux,Unix","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/misc/cups_ipp_remote_code_execution.rb"}],"severity_range_score":"7.5 - 8.6","exploitability":"2.0","weighted_severity":"7.7","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6n6-k5ye-3ugq"}