A flaw in cups-filters allows a remote unauthenticated client to create a PPD configuration file with code injection. If a job is sent to the compromised printer, the code is executed allowing for remote code execution.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 2023 | cups-filters | 2024-09-27 00:29 | ALAS2023-2024-718 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 7.1 | CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |