VulnerableCode Package Details - pkg:deb/ubuntu/cups@2.2.7-1ubuntu2.2

Search for packages

Package details: pkg:deb/ubuntu/cups@2.2.7-1ubuntu2.2

Essentials
History (0)

purl	pkg:deb/ubuntu/cups@2.2.7-1ubuntu2.2

Next non-vulnerable version	2.3.1-9ubuntu1.1
Latest non-vulnerable version	2.3.1-9ubuntu1.1
Risk	4.0

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-3dsn-2jt3-aaak Aliases: CVE-2018-4300	The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.	2.3.1-9ubuntu1.1 Affected by 0 other vulnerabilities.
VCID-cs84-z94n-aaac Aliases: CVE-2019-2228	In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-111210196	2.2.12-2ubuntu1.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.1-4 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-gd2u-4vv8-aaak Aliases: CVE-2019-8696	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.	2.2.7-1ubuntu2.7 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hcxc-ggtu-aaaf Aliases: CVE-2020-3898	A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.	2.2.12-2ubuntu1.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.1-9ubuntu1.1 Affected by 0 other vulnerabilities.
VCID-qmhw-fw7n-aaah Aliases: CVE-2019-2180	In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.	2.3.1-9ubuntu1.1 Affected by 0 other vulnerabilities.
VCID-tkcn-88pf-aaag Aliases: CVE-2019-8675	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.	2.2.7-1ubuntu2.7 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-4sn3-cw3j-aaaa	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage	CVE-2018-4700

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version