Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenPrinting — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting OpenPrinting. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenPrinting provides essential open-source printing software, primarily CUPS, which serves as the standard printing system for Linux and macOS. Its core function involves managing print queues, drivers, and network printing protocols, making it a critical infrastructure component for enterprise and consumer devices. Historically, vulnerabilities in this ecosystem have frequently involved remote code execution, buffer overflows, and privilege escalation, often stemming from complex parsing of PostScript or PDF files. Notable incidents include critical flaws allowing unauthenticated attackers to execute arbitrary commands or crash the system via malformed print jobs. While the project maintains an active security response process, the sheer volume of 25 recorded CVEs highlights the inherent risks in handling diverse, legacy printer protocols. These weaknesses underscore the necessity for rigorous input validation and regular patching to prevent exploitation in networked environments where printing services are exposed.

Top products by OpenPrinting: cups cups-filters libcupsfilters cpdb-libs libppd cups-browsed ippusbxd
CVE IDTitleCVSSSeverityPublished
CVE-2026-41079 OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users — cupsCWE-125 4.3 Medium2026-04-24
CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer — cupsCWE-416 4.0 Medium2026-04-07
CVE-2026-39314 CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` — cupsCWE-191 4.0 Medium2026-04-07
CVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network — cupsCWE-20 9.8AICriticalAI2026-04-03
CVE-2026-34979 OpenPrinting CUPS: Heap overflow in `get_options()` — cupsCWE-122 5.3 Medium2026-04-03
CVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) — cupsCWE-22 6.5 Medium2026-04-03
CVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers — cupsCWE-287 7.8AIHighAI2026-04-03
CVE-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup — cupsCWE-863 4.8 Medium2026-04-03
CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack — cupsCWE-400 5.1 Medium2025-11-29
CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write — cupsCWE-129 6.0 Medium2025-11-29
CVE-2025-64524 CUPS rastertopclx Filter Vulnerable to Heap Buffer Overflow Leading to Potential Arbitrary Code Execution — cups-filtersCWE-122 3.3 Low2025-11-20
CVE-2025-64503 [BIGSLEEP-434615384] cups-filters 1.x: out of bounds write in pdftoraster — cups-filtersCWE-787 4.0 Medium2025-11-12
CVE-2025-57812 [BIGSLEEP-434612419] CUPS-Filters has heap-buffer-overflow write in `cfImageLut()` — libcupsfiltersCWE-125 3.7 Low2025-11-12
CVE-2025-58364 cups: Remote DoS via null dereference — cupsCWE-20 6.5 Medium2025-09-11
CVE-2025-58060 cups has Authentication bypass with AuthType Negotiate — cupsCWE-287 8.0 High2025-09-11
CVE-2024-45062 OpenPrinting IPPUSBXD 安全漏洞 — ippusbxdCWE-121 6.4 Medium2025-08-19
CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer — libppdCWE-20 8.6 High2024-09-26
CVE-2024-47076 libcupsfilters's cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server — libcupsfiltersCWE-20 8.6 High2024-09-26
CVE-2024-47176 cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source — cups-browsedCWE-1327 5.3 Medium2024-09-26
CVE-2024-35235 Cupsd Listen arbitrary chmod 0140777 — cupsCWE-59 4.4 Medium2024-06-11
CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow — CUPSCWE-122 7.8 -2023-09-21
CVE-2023-34241 CUPS vulnerable to use-after-free in cupsdAcceptClient() — cupsCWE-416 5.3 Medium2023-06-22
CVE-2023-34095 cpdb-libs vulnerable to buffer overflows via scanf — cpdb-libsCWE-121 9.8 Critical2023-06-14
CVE-2023-32324 OpenPrinting CUPS vulnerable to heap buffer overflow — cupsCWE-122 7.5 High2023-06-01
CVE-2023-24805 Command injection in cups-filters — cups-filtersCWE-78 8.8 High2023-05-17

This page lists every published CVE security advisory associated with OpenPrinting. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.