Package cups updated to version 2.2.10-alt1 for branch sisyphus in task 223264.

Published: 2018-12-07

BDU:2021-00500

Уязвимость веб-интерфейса сервера печати CUPS, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

CVE-2018-4300

Published: 2019-04-03
Modified: 2024-11-21

CVE-2018-4300

The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.

Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

107785
107785
https://github.com/apple/cups/releases/tag/v2.2.10
https://github.com/apple/cups/releases/tag/v2.2.10
[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update
[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update

Version: 2.1.0

Package cups update in sisyphus on 2019-03-05

ALT-PU-2019-1349-1

Closed vulnerabilities

BDU:2021-00500

CVE-2018-4300