OpenPrinting CUPS vulnerabilities

17 known vulnerabilities affecting openprinting/cups.

Total CVEs: 17
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 14

Vulnerabilities

CVE-2026-39314 | MEDIUM | CVSS 4.0 | ≤ 2.4.16 | 2026-04-07
CWE-191: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in _ppdCreateFromIPP() (cups/ppd-cache.c) allows any unprivileged local user to crash the cupsd root process by supplying a negative job-password-supported IPP attribute. The bounds che
Sources: cvelistv5, nvd
CVE-2026-39316 | MEDIUM | CVSS 4.0 | ≤ 2.4.16 | 2026-04-07
CWE-416: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters() in scheduler/printers.c calls cupsdDeletePrinter() without first expir
Sources: cvelistv5, nvd
CVE-2026-34978 | MEDIUM | CVSS 6.5 | ≤ 2.4.16 | 2026-04-03
CWE-22: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri (e.g., rss:///../job.cache), letting a remote IPP client write RSS XML bytes outside CacheDir/rss (anywhere that is lp-writable). In particular, because Ca
Sources: cvelistv5, nvd
CVE-2026-34990 | MEDIUM | CVSS 5.0 | ≤ 2.4.16 | 2026-04-03
CWE-287: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That token is enough to drive /admin/ requests on localhost,
Sources: cvelistv5, nvd
CVE-2026-27447 | MEDIUM | CVSS 4.8 | ≤ 2.4.16 | 2026-04-03
CWE-863: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon (cupsd) contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an unprivileged user to gain unauthorized access to res
Sources: cvelistv5, nvd
CVE-2026-34980 | MEDIUM | CVSS 6.1 | ≤ 2.4.16 | 2026-04-03
CWE-20: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server accepts a page-border value supplied as textWithoutLang
Sources: cvelistv5, nvd
CVE-2026-34979 | MEDIUM | CVSS 5.3 | ≤ 2.4.16 | 2026-04-03
CWE-122: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, there is a heap-based buffer overflow in the CUPS scheduler when building filter option strings from job attribute. At time of publication, there are no publicly available patches.
Sources: cvelistv5, nvd
CVE-2025-61915 | MEDIUM | CVSS 6.7 | fixed in 2.4.15 | 2025-11-29
CWE-124: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been pa
Sources: cvelistv5, nvd
CVE-2025-58436 | MEDIUM | CVSS 5.5 | fixed in 2.4.15 | 2025-11-29
CWE-400: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.
Sources: cvelistv5, nvd
CVE-2025-58060 | HIGH | CVSS 8.0 | fixed in 2.4.13 | 2025-09-11
CWE-287: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `Auth
Sources: cvelistv5, nvd
CVE-2025-58364 | MEDIUM | CVSS 6.5 | fixed in 2.4.13 | 2025-09-11
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cup
Sources: cvelistv5, nvd
CVE-2024-47176 | MEDIUM | CVSS 5.3 | PoC | fixed in 2.4.13 | 2024-09-26
CWE-1327: CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an
Sources: nvd
CVE-2024-35235 | MEDIUM | CVSS 6.7 | ≤ 2.4.8 | 2024-06-11
CWE-59: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the
Sources: cvelistv5, nvd
CVE-2023-4504 | HIGH | CVSS 7.0 | fixed in 2.4.7 | fixed in 2.4.6 | 2023-09-21
CWE-122: Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Sources: cvelistv5, nvd
CVE-2023-34241 | HIGH | CVSS 7.1 | ≥ 2.2.0, < 2.4.6 | v>= 2.0.0, < 2.4.6 | 2023-06-22
CWE-416: OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts
Sources: cvelistv5, nvd
CVE-2023-32324 | MEDIUM | CVSS 5.5 | ≤ 2.4.2 | 2023-06-01
CWE-122: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vuln
Sources: cvelistv5, nvd
CVE-2022-26691 | MEDIUM | CVSS 6.7 | fixed in 2.4.2 | 2022-05-26
CWE-697: A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
Sources: nvd