Openprinting Libppd vulnerabilities

CVE-2024-47175 [CRITICAL] CWE-20 CVE-2024-47175: CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately

CVE-2023-4504 [HIGH] CWE-122 CVE-2023-4504: Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUP Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.