Fluid Attacks Database

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, there is a heap-based buffer overflow in the CUPS scheduler when building filter option strings from job attribute. At time of publication, there are no publicly available patches.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel7	cups	-	-
debian 11	cups	=2.3.3op2-3+deb11u1 \|\| =2.3.3op2-3+deb11u10 \|\| =2.3.3op2-3+deb11u2 \|\| =2.3.3op2-3+deb11u3 \|\| =2.3.3op2-3+deb11u4 \|\| =2.3.3op2-3+deb11u5 \|\| =2.3.3op2-3+deb11u6 \|\| =2.3.3op2-3+deb11u7 \|\| =2.3.3op2-3+deb11u8 \|\| =2.3.3op2-3+deb11u9 \|\| =2.3.3op2-4 \|\| =2.3.3op2-5 \|\| =2.3.3op2-6 \|\| =2.3.3op2-7 \|\| =2.4.10-1 \|\| =2.4.10-2 \|\| =2.4.10-3 \|\| =2.4.10-4 \|\| =2.4.14-1 \|\| =2.4.15-1 \|\| =2.4.16-1 \|\| =2.4.17-1 \|\| =2.4.18-1 \|\| =2.4.1op1-1 \|\| =2.4.1op1-2 \|\| =2.4.2-1 \|\| =2.4.2-2 \|\| =2.4.2-3 \|\| =2.4.2-4 \|\| =2.4.2-5 \|\| =2.4.2-6 \|\| =2.4.7-1 \|\| =2.4.7-1.1 \|\| =2.4.7-1.2 \|\| =2.4.7-2 \|\| =2.4.7-3	-
rpm rhel9	cups	-	-
debian 12	cups	=2.4.10-1 \|\| =2.4.10-2 \|\| =2.4.10-3 \|\| =2.4.10-4 \|\| =2.4.14-1 \|\| =2.4.15-1 \|\| =2.4.16-1 \|\| =2.4.17-1 \|\| =2.4.18-1 \|\| =2.4.2-3 \|\| =2.4.2-3+deb12u1 \|\| =2.4.2-3+deb12u2 \|\| =2.4.2-3+deb12u3 \|\| =2.4.2-3+deb12u4 \|\| =2.4.2-3+deb12u5 \|\| =2.4.2-3+deb12u6 \|\| =2.4.2-3+deb12u7 \|\| =2.4.2-3+deb12u8 \|\| =2.4.2-3+deb12u9 \|\| =2.4.2-4 \|\| =2.4.2-5 \|\| =2.4.2-6 \|\| =2.4.7-1 \|\| =2.4.7-1.1 \|\| =2.4.7-1.2 \|\| =2.4.7-2 \|\| =2.4.7-3	-
rpm rhel6	cups	-	-
debian 13	cups	=2.4.10-3 \|\| =2.4.10-3+deb13u1 \|\| =2.4.10-3+deb13u2 \|\| =2.4.10-4 \|\| =2.4.14-1 \|\| =2.4.15-1 \|\| =2.4.16-1 \|\| =2.4.17-1 \|\| =2.4.18-1	-
debian 14	cups	=2.4.10-3 \|\| =2.4.10-4 \|\| =2.4.14-1 \|\| =2.4.15-1 \|\| =2.4.16-1 \|\| >=0 <2.4.17-1	2.4.17-1
rpm rhel10	cups	-	-
rpm rhel8	cups	-	-
alpine v3.23	cups	=1.4.1-r0 \|\| =1.4.2-r0 \|\| =1.4.2-r1 \|\| =1.4.2-r2 \|\| =1.4.3-r0 \|\| =1.4.3-r1 \|\| =1.4.3-r2 \|\| =1.4.3-r3 \|\| =1.4.4-r0 \|\| =1.4.4-r1 \|\| =1.4.5-r0 \|\| =1.4.6-r0 \|\| =1.4.7-r0 \|\| =1.4.8-r0 \|\| =1.5.0-r0 \|\| =1.5.0-r1 \|\| =1.5.0-r2 \|\| =1.5.2-r0 \|\| =1.5.2-r1 \|\| =1.5.2-r2 \|\| =1.5.2-r3 \|\| =1.5.3-r0 \|\| =1.5.4-r0 \|\| =1.5.4-r1 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.4-r0 \|\| =1.7.0-r0 \|\| =1.7.0-r1 \|\| =1.7.1-r0 \|\| =1.7.2-r0 \|\| =1.7.3-r0 \|\| =1.7.3-r1 \|\| =1.7.4-r0 \|\| =1.7.5-r0 \|\| =2.0.0-r0 \|\| =2.0.1-r0 \|\| =2.0.2-r0 \|\| =2.0.2-r1 \|\| =2.0.2-r2 \|\| =2.0.3-r0 \|\| =2.0.4-r0 \|\| =2.1.0-r0 \|\| =2.1.1-r0 \|\| =2.1.2-r0 \|\| =2.1.3-r0 \|\| =2.1.3-r1 \|\| =2.1.4-r0 \|\| =2.2.1-r0 \|\| =2.2.1-r1 \|\| =2.2.10-r0 \|\| =2.2.11-r0 \|\| =2.2.12-r0 \|\| =2.2.12-r1 \|\| =2.2.12-r2 \|\| =2.2.2-r0 \|\| =2.2.2-r1 \|\| =2.2.2-r2 \|\| =2.2.3-r0 \|\| =2.2.3-r1 \|\| =2.2.4-r0 \|\| =2.2.5-r0 \|\| =2.2.5-r1 \|\| =2.2.6-r0 \|\| =2.2.9-r0 \|\| =2.3.3-r0 \|\| =2.3.3-r1 \|\| =2.3.3-r2 \|\| =2.3.3-r3 \|\| =2.3.3-r4 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.1-r1 \|\| =2.4.10-r0 \|\| =2.4.10-r1 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.13-r0 \|\| =2.4.16-r0 \|\| =2.4.2-r0 \|\| =2.4.2-r1 \|\| =2.4.2-r2 \|\| =2.4.2-r3 \|\| =2.4.2-r4 \|\| =2.4.2-r5 \|\| =2.4.2-r6 \|\| =2.4.2-r7 \|\| =2.4.3-r0 \|\| =2.4.3-r1 \|\| =2.4.4-r0 \|\| =2.4.5-r0 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.7-r1 \|\| =2.4.7-r2 \|\| =2.4.7-r3 \|\| =2.4.7-r4 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| >=0 <2.4.18-r0	2.4.18-r0

1-10 of 13

Aliases

1. CVE-2026-349792. NVD-2026-349793. OSV-2026-349794. OSV-DEBIAN-2026-349795. OSV-ALPINE-2026-349796. SECURITY-TRACKER-CVE-2026-349797. SECURITY-CVE-2026-34979

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.