{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:40:57.538","vulnerabilities":[{"cve":{"id":"CVE-2024-47076","sourceIdentifier":"security-advisories@github.com","published":"2024-09-26T22:15:04.063","lastModified":"2025-11-03T23:16:12.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system."},{"lang":"es","value":"CUPS es un sistema de impresión de código abierto basado en estándares, y `libcupsfilters` contiene el código de los filtros del antiguo paquete `cups-filters` como funciones de librería que se utilizarán para las tareas de conversión de formato de datos necesarias en las aplicaciones de impresora. La función `cfGetPrinterAttributes5` en `libcupsfilters` no desinfecta los atributos IPP devueltos desde un servidor IPP. Cuando estos atributos IPP se utilizan, por ejemplo, para generar un archivo PPD, esto puede provocar que se proporcionen datos controlados por un atacante al resto del sistema CUPS."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openprinting:libcupsfilters:*:*:*:*:*:*:*:*","versionEndIncluding":"2.0.0","matchCriteriaId":"DD3C88C8-8803-4C8C-A4CB-DAB1474BCF79"},{"vulnerable":true,"criteria":"cpe:2.3:a:openprinting:libcupsfilters:2.1:beta1:*:*:*:*:*:*","matchCriteriaId":"BFD5B4F4-B4E7-4C27-A34B-EFC92A58B124"}]}]}],"references":[{"url":"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://www.cups.org","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/OpenPrinting/libcupsfilters/commit/95576ec3d20c109332d14672a807353cdc551018","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00048.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20241011-0001/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}