Fluid Attacks Database

Description

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.17	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| >=0 <2.4.7-r0	2.4.7-r0
alpine v3.18	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| >=0 <2.4.7-r0	2.4.7-r0
alpine v3.19	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| >=0 <2.4.7-r0	2.4.7-r0
alpine v3.20	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| >=0 <2.4.7-r0	2.4.7-r0
alpine v3.21	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| >=0 <2.4.7-r0	2.4.7-r0
alpine v3.22	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| >=0 <2.4.7-r0	2.4.7-r0
debian 11	cups	=2.3.3op2-3+deb11u1 \|\| =2.3.3op2-3+deb11u2 \|\| =2.3.3op2-3+deb11u3 \|\| >=0 <2.3.3op2-3+deb11u4	2.3.3op2-3+deb11u4
debian 12	cups	=2.4.2-3 \|\| =2.4.2-3+deb12u1 \|\| >=0 <2.4.2-3+deb12u2	2.4.2-3+deb12u2
debian 13	cups	>=0 <2.4.2-6	2.4.2-6
debian 14	cups	>=0 <2.4.2-6	2.4.2-6

1-10 of 15

Aliases

1. CVE-2023-45042. NVD-2023-45043. OSV-ALPINE-2023-45044. OSV-2023-45045. OSV-DEBIAN-2023-45046. SECURITY-CVE-2023-45047. SECURITY-TRACKER-CVE-2023-4504

References

1. https://github.com/djjohnson565/CUPS-Exploit

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.