Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-4182 (GCVE-0-2018-4182)
Vulnerability from cvelistv5 – Published: 2019-01-11 18:00 – Updated: 2024-08-05 05:04
VLAI?
EPSS
Summary
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:04:29.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4243",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208849"
},
{
"name": "GLSA-201908-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:06:09",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "DSA-4243",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208849"
},
{
"name": "GLSA-201908-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-08"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2018-4182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4243",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"name": "https://support.apple.com/HT208849",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208849"
},
{
"name": "GLSA-201908-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-08"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2018-4182",
"datePublished": "2019-01-11T18:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:04:29.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.13.5\", \"matchCriteriaId\": \"B0B9799C-6891-4D51-9E17-92D1407740F9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.\"}, {\"lang\": \"es\", \"value\": \"En macOS High Sierra en versiones anteriores a la 10.13.5, se abord\\u00f3 un problema de acceso con restricciones adicionales del sandbox en CUPS.\"}]",
"id": "CVE-2018-4182",
"lastModified": "2024-11-21T04:06:55.307",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.5, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-01-11T18:29:01.127",
"references": "[{\"url\": \"https://security.gentoo.org/glsa/201908-08\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/HT208849\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4243\", \"source\": \"product-security@apple.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2018-4182\", \"source\": \"nvd@nist.gov\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201908-08\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208849\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4243\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-4182\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2019-01-11T18:29:01.127\",\"lastModified\":\"2024-11-21T04:06:55.307\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.\"},{\"lang\":\"es\",\"value\":\"En macOS High Sierra en versiones anteriores a la 10.13.5, se abord\u00f3 un problema de acceso con restricciones adicionales del sandbox en CUPS.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.13.5\",\"matchCriteriaId\":\"B0B9799C-6891-4D51-9E17-92D1407740F9\"}]}]}],\"references\":[{\"url\":\"https://security.gentoo.org/glsa/201908-08\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/HT208849\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4243\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2018-4182\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201908-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208849\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
GSD-2018-4182
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-4182",
"description": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"id": "GSD-2018-4182",
"references": [
"https://www.suse.com/security/cve/CVE-2018-4182.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-4182"
],
"details": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"id": "GSD-2018-4182",
"modified": "2023-12-13T01:22:28.307965Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2018-4182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4243",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"name": "https://support.apple.com/HT208849",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208849"
},
{
"name": "GLSA-201908-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-08"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.13.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2018-4182"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208849",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT208849"
},
{
"name": "DSA-4243",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-4182",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-4182"
},
{
"name": "GLSA-201908-08",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201908-08"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2019-01-11T18:29Z"
}
}
}
SUSE-SU-2018:2172-1
Vulnerability from csaf_suse - Published: 2018-08-02 12:20 - Updated: 2018-08-02 12:20Summary
Security update for cups
Notes
Title of the patch
Security update for cups
Description of the patch
This update for cups fixes the following issues:
The following security vulnerabilities were fixed:
- Fixed a local privilege escalation to root and sandbox bypasses in the
scheduler
- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend
(bsc#1096405)
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include
directive (bsc#1096406)
- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling
(bsc#1096407)
- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration
(bsc#1096408)
Patchnames
SUSE-SLE-Module-Basesystem-15-2018-1476,SUSE-SLE-Module-Desktop-Applications-15-2018-1476,SUSE-SLE-Module-Development-Tools-15-2018-1476
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cups",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cups fixes the following issues:\n\nThe following security vulnerabilities were fixed:\n\n- Fixed a local privilege escalation to root and sandbox bypasses in the\n scheduler\n- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend\n (bsc#1096405)\n- CVE-2018-4181: Limited local file reads as root via cupsd.conf include\n directive (bsc#1096406)\n- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling\n (bsc#1096407)\n- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration\n (bsc#1096408)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Basesystem-15-2018-1476,SUSE-SLE-Module-Desktop-Applications-15-2018-1476,SUSE-SLE-Module-Development-Tools-15-2018-1476",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2172-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2172-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182172-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2172-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004368.html"
},
{
"category": "self",
"summary": "SUSE Bug 1096405",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "self",
"summary": "SUSE Bug 1096406",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "self",
"summary": "SUSE Bug 1096407",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "self",
"summary": "SUSE Bug 1096408",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4183/"
}
],
"title": "Security update for cups",
"tracking": {
"current_release_date": "2018-08-02T12:20:13Z",
"generator": {
"date": "2018-08-02T12:20:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2172-1",
"initial_release_date": "2018-08-02T12:20:13Z",
"revision_history": [
{
"date": "2018-08-02T12:20:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cups-2.2.7-3.3.1.aarch64",
"product": {
"name": "cups-2.2.7-3.3.1.aarch64",
"product_id": "cups-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-client-2.2.7-3.3.1.aarch64",
"product": {
"name": "cups-client-2.2.7-3.3.1.aarch64",
"product_id": "cups-client-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-config-2.2.7-3.3.1.aarch64",
"product": {
"name": "cups-config-2.2.7-3.3.1.aarch64",
"product_id": "cups-config-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-devel-2.2.7-3.3.1.aarch64",
"product": {
"name": "cups-devel-2.2.7-3.3.1.aarch64",
"product_id": "cups-devel-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcups2-2.2.7-3.3.1.aarch64",
"product": {
"name": "libcups2-2.2.7-3.3.1.aarch64",
"product_id": "libcups2-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupscgi1-2.2.7-3.3.1.aarch64",
"product": {
"name": "libcupscgi1-2.2.7-3.3.1.aarch64",
"product_id": "libcupscgi1-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.2.7-3.3.1.aarch64",
"product": {
"name": "libcupsimage2-2.2.7-3.3.1.aarch64",
"product_id": "libcupsimage2-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupsmime1-2.2.7-3.3.1.aarch64",
"product": {
"name": "libcupsmime1-2.2.7-3.3.1.aarch64",
"product_id": "libcupsmime1-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcupsppdc1-2.2.7-3.3.1.aarch64",
"product": {
"name": "libcupsppdc1-2.2.7-3.3.1.aarch64",
"product_id": "libcupsppdc1-2.2.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.2.7-3.3.1.aarch64",
"product": {
"name": "cups-ddk-2.2.7-3.3.1.aarch64",
"product_id": "cups-ddk-2.2.7-3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.2.7-3.3.1.ppc64le",
"product": {
"name": "cups-2.2.7-3.3.1.ppc64le",
"product_id": "cups-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-client-2.2.7-3.3.1.ppc64le",
"product": {
"name": "cups-client-2.2.7-3.3.1.ppc64le",
"product_id": "cups-client-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-config-2.2.7-3.3.1.ppc64le",
"product": {
"name": "cups-config-2.2.7-3.3.1.ppc64le",
"product_id": "cups-config-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-devel-2.2.7-3.3.1.ppc64le",
"product": {
"name": "cups-devel-2.2.7-3.3.1.ppc64le",
"product_id": "cups-devel-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcups2-2.2.7-3.3.1.ppc64le",
"product": {
"name": "libcups2-2.2.7-3.3.1.ppc64le",
"product_id": "libcups2-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupscgi1-2.2.7-3.3.1.ppc64le",
"product": {
"name": "libcupscgi1-2.2.7-3.3.1.ppc64le",
"product_id": "libcupscgi1-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.2.7-3.3.1.ppc64le",
"product": {
"name": "libcupsimage2-2.2.7-3.3.1.ppc64le",
"product_id": "libcupsimage2-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupsmime1-2.2.7-3.3.1.ppc64le",
"product": {
"name": "libcupsmime1-2.2.7-3.3.1.ppc64le",
"product_id": "libcupsmime1-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcupsppdc1-2.2.7-3.3.1.ppc64le",
"product": {
"name": "libcupsppdc1-2.2.7-3.3.1.ppc64le",
"product_id": "libcupsppdc1-2.2.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.2.7-3.3.1.ppc64le",
"product": {
"name": "cups-ddk-2.2.7-3.3.1.ppc64le",
"product_id": "cups-ddk-2.2.7-3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.2.7-3.3.1.s390x",
"product": {
"name": "cups-2.2.7-3.3.1.s390x",
"product_id": "cups-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-client-2.2.7-3.3.1.s390x",
"product": {
"name": "cups-client-2.2.7-3.3.1.s390x",
"product_id": "cups-client-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-config-2.2.7-3.3.1.s390x",
"product": {
"name": "cups-config-2.2.7-3.3.1.s390x",
"product_id": "cups-config-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-devel-2.2.7-3.3.1.s390x",
"product": {
"name": "cups-devel-2.2.7-3.3.1.s390x",
"product_id": "cups-devel-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libcups2-2.2.7-3.3.1.s390x",
"product": {
"name": "libcups2-2.2.7-3.3.1.s390x",
"product_id": "libcups2-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupscgi1-2.2.7-3.3.1.s390x",
"product": {
"name": "libcupscgi1-2.2.7-3.3.1.s390x",
"product_id": "libcupscgi1-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.2.7-3.3.1.s390x",
"product": {
"name": "libcupsimage2-2.2.7-3.3.1.s390x",
"product_id": "libcupsimage2-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupsmime1-2.2.7-3.3.1.s390x",
"product": {
"name": "libcupsmime1-2.2.7-3.3.1.s390x",
"product_id": "libcupsmime1-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libcupsppdc1-2.2.7-3.3.1.s390x",
"product": {
"name": "libcupsppdc1-2.2.7-3.3.1.s390x",
"product_id": "libcupsppdc1-2.2.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.2.7-3.3.1.s390x",
"product": {
"name": "cups-ddk-2.2.7-3.3.1.s390x",
"product_id": "cups-ddk-2.2.7-3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-2.2.7-3.3.1.x86_64",
"product": {
"name": "cups-2.2.7-3.3.1.x86_64",
"product_id": "cups-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-client-2.2.7-3.3.1.x86_64",
"product": {
"name": "cups-client-2.2.7-3.3.1.x86_64",
"product_id": "cups-client-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-config-2.2.7-3.3.1.x86_64",
"product": {
"name": "cups-config-2.2.7-3.3.1.x86_64",
"product_id": "cups-config-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-devel-2.2.7-3.3.1.x86_64",
"product": {
"name": "cups-devel-2.2.7-3.3.1.x86_64",
"product_id": "cups-devel-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcups2-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcups2-2.2.7-3.3.1.x86_64",
"product_id": "libcups2-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupscgi1-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcupscgi1-2.2.7-3.3.1.x86_64",
"product_id": "libcupscgi1-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupsimage2-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcupsimage2-2.2.7-3.3.1.x86_64",
"product_id": "libcupsimage2-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupsmime1-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcupsmime1-2.2.7-3.3.1.x86_64",
"product_id": "libcupsmime1-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcupsppdc1-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcupsppdc1-2.2.7-3.3.1.x86_64",
"product_id": "libcupsppdc1-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcups2-32bit-2.2.7-3.3.1.x86_64",
"product": {
"name": "libcups2-32bit-2.2.7-3.3.1.x86_64",
"product_id": "libcups2-32bit-2.2.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-ddk-2.2.7-3.3.1.x86_64",
"product": {
"name": "cups-ddk-2.2.7-3.3.1.x86_64",
"product_id": "cups-ddk-2.2.7-3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64"
},
"product_reference": "cups-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le"
},
"product_reference": "cups-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x"
},
"product_reference": "cups-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64"
},
"product_reference": "cups-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64"
},
"product_reference": "cups-client-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le"
},
"product_reference": "cups-client-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x"
},
"product_reference": "cups-client-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64"
},
"product_reference": "cups-client-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64"
},
"product_reference": "cups-config-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le"
},
"product_reference": "cups-config-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x"
},
"product_reference": "cups-config-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-config-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64"
},
"product_reference": "cups-config-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64"
},
"product_reference": "cups-devel-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le"
},
"product_reference": "cups-devel-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x"
},
"product_reference": "cups-devel-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64"
},
"product_reference": "cups-devel-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64"
},
"product_reference": "libcups2-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le"
},
"product_reference": "libcups2-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x"
},
"product_reference": "libcups2-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcups2-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupscgi1-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64"
},
"product_reference": "libcupscgi1-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupscgi1-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le"
},
"product_reference": "libcupscgi1-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupscgi1-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x"
},
"product_reference": "libcupscgi1-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupscgi1-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcupscgi1-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64"
},
"product_reference": "libcupsimage2-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le"
},
"product_reference": "libcupsimage2-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x"
},
"product_reference": "libcupsimage2-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsimage2-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcupsimage2-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsmime1-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64"
},
"product_reference": "libcupsmime1-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsmime1-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le"
},
"product_reference": "libcupsmime1-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsmime1-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x"
},
"product_reference": "libcupsmime1-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsmime1-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcupsmime1-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsppdc1-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64"
},
"product_reference": "libcupsppdc1-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsppdc1-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le"
},
"product_reference": "libcupsppdc1-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsppdc1-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x"
},
"product_reference": "libcupsppdc1-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcupsppdc1-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcupsppdc1-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcups2-32bit-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64"
},
"product_reference": "libcups2-32bit-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.2.7-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64"
},
"product_reference": "cups-ddk-2.2.7-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.2.7-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le"
},
"product_reference": "cups-ddk-2.2.7-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.2.7-3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x"
},
"product_reference": "cups-ddk-2.2.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-2.2.7-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
},
"product_reference": "cups-ddk-2.2.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4180"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4180",
"url": "https://www.suse.com/security/cve/CVE-2018-4180"
},
{
"category": "external",
"summary": "SUSE Bug 1096405 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-02T12:20:13Z",
"details": "important"
}
],
"title": "CVE-2018-4180"
},
{
"cve": "CVE-2018-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4181"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4181",
"url": "https://www.suse.com/security/cve/CVE-2018-4181"
},
{
"category": "external",
"summary": "SUSE Bug 1096406 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1105281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-02T12:20:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-4181"
},
{
"cve": "CVE-2018-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4182"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4182",
"url": "https://www.suse.com/security/cve/CVE-2018-4182"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1105281"
},
{
"category": "external",
"summary": "SUSE Bug 1217278 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1217278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-02T12:20:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-4182"
},
{
"cve": "CVE-2018-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4183"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4183",
"url": "https://www.suse.com/security/cve/CVE-2018-4183"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-client-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-config-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:cups-devel-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcups2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupscgi1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsimage2-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsmime1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:libcupsppdc1-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15:libcups2-32bit-2.2.7-3.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:cups-ddk-2.2.7-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-02T12:20:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-4183"
}
]
}
SUSE-SU-2018:2233-1
Vulnerability from csaf_suse - Published: 2018-08-07 10:47 - Updated: 2018-08-07 10:47Summary
Security update for cups
Notes
Title of the patch
Security update for cups
Description of the patch
This update for cups fixes the following issues:
Security issues fixed:
- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).
- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).
- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).
Patchnames
sdksp4-cups-13718,slessp4-cups-13718
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cups",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cups fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).\n- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).\n- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).\n- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-cups-13718,slessp4-cups-13718",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2233-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2233-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182233-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2233-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004381.html"
},
{
"category": "self",
"summary": "SUSE Bug 1096405",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "self",
"summary": "SUSE Bug 1096406",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "self",
"summary": "SUSE Bug 1096407",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "self",
"summary": "SUSE Bug 1096408",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4183/"
}
],
"title": "Security update for cups",
"tracking": {
"current_release_date": "2018-08-07T10:47:47Z",
"generator": {
"date": "2018-08-07T10:47:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2233-1",
"initial_release_date": "2018-08-07T10:47:47Z",
"revision_history": [
{
"date": "2018-08-07T10:47:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cups-devel-1.3.9-8.46.56.3.1.i586",
"product": {
"name": "cups-devel-1.3.9-8.46.56.3.1.i586",
"product_id": "cups-devel-1.3.9-8.46.56.3.1.i586"
}
},
{
"category": "product_version",
"name": "cups-1.3.9-8.46.56.3.1.i586",
"product": {
"name": "cups-1.3.9-8.46.56.3.1.i586",
"product_id": "cups-1.3.9-8.46.56.3.1.i586"
}
},
{
"category": "product_version",
"name": "cups-client-1.3.9-8.46.56.3.1.i586",
"product": {
"name": "cups-client-1.3.9-8.46.56.3.1.i586",
"product_id": "cups-client-1.3.9-8.46.56.3.1.i586"
}
},
{
"category": "product_version",
"name": "cups-libs-1.3.9-8.46.56.3.1.i586",
"product": {
"name": "cups-libs-1.3.9-8.46.56.3.1.i586",
"product_id": "cups-libs-1.3.9-8.46.56.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-devel-1.3.9-8.46.56.3.1.ia64",
"product": {
"name": "cups-devel-1.3.9-8.46.56.3.1.ia64",
"product_id": "cups-devel-1.3.9-8.46.56.3.1.ia64"
}
},
{
"category": "product_version",
"name": "cups-1.3.9-8.46.56.3.1.ia64",
"product": {
"name": "cups-1.3.9-8.46.56.3.1.ia64",
"product_id": "cups-1.3.9-8.46.56.3.1.ia64"
}
},
{
"category": "product_version",
"name": "cups-client-1.3.9-8.46.56.3.1.ia64",
"product": {
"name": "cups-client-1.3.9-8.46.56.3.1.ia64",
"product_id": "cups-client-1.3.9-8.46.56.3.1.ia64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.3.9-8.46.56.3.1.ia64",
"product": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ia64",
"product_id": "cups-libs-1.3.9-8.46.56.3.1.ia64"
}
},
{
"category": "product_version",
"name": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"product": {
"name": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"product_id": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-devel-1.3.9-8.46.56.3.1.ppc64",
"product": {
"name": "cups-devel-1.3.9-8.46.56.3.1.ppc64",
"product_id": "cups-devel-1.3.9-8.46.56.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "cups-1.3.9-8.46.56.3.1.ppc64",
"product": {
"name": "cups-1.3.9-8.46.56.3.1.ppc64",
"product_id": "cups-1.3.9-8.46.56.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "cups-client-1.3.9-8.46.56.3.1.ppc64",
"product": {
"name": "cups-client-1.3.9-8.46.56.3.1.ppc64",
"product_id": "cups-client-1.3.9-8.46.56.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.3.9-8.46.56.3.1.ppc64",
"product": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ppc64",
"product_id": "cups-libs-1.3.9-8.46.56.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"product": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"product_id": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-devel-1.3.9-8.46.56.3.1.s390x",
"product": {
"name": "cups-devel-1.3.9-8.46.56.3.1.s390x",
"product_id": "cups-devel-1.3.9-8.46.56.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-1.3.9-8.46.56.3.1.s390x",
"product": {
"name": "cups-1.3.9-8.46.56.3.1.s390x",
"product_id": "cups-1.3.9-8.46.56.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-client-1.3.9-8.46.56.3.1.s390x",
"product": {
"name": "cups-client-1.3.9-8.46.56.3.1.s390x",
"product_id": "cups-client-1.3.9-8.46.56.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-1.3.9-8.46.56.3.1.s390x",
"product": {
"name": "cups-libs-1.3.9-8.46.56.3.1.s390x",
"product_id": "cups-libs-1.3.9-8.46.56.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"product": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"product_id": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-devel-1.3.9-8.46.56.3.1.x86_64",
"product": {
"name": "cups-devel-1.3.9-8.46.56.3.1.x86_64",
"product_id": "cups-devel-1.3.9-8.46.56.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-1.3.9-8.46.56.3.1.x86_64",
"product": {
"name": "cups-1.3.9-8.46.56.3.1.x86_64",
"product_id": "cups-1.3.9-8.46.56.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-client-1.3.9-8.46.56.3.1.x86_64",
"product": {
"name": "cups-client-1.3.9-8.46.56.3.1.x86_64",
"product_id": "cups-client-1.3.9-8.46.56.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.3.9-8.46.56.3.1.x86_64",
"product": {
"name": "cups-libs-1.3.9-8.46.56.3.1.x86_64",
"product_id": "cups-libs-1.3.9-8.46.56.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"product": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"product_id": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-devel-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-devel-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-devel-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-devel-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-devel-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-client-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-libs-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64"
},
"product_reference": "cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4180"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4180",
"url": "https://www.suse.com/security/cve/CVE-2018-4180"
},
{
"category": "external",
"summary": "SUSE Bug 1096405 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-07T10:47:47Z",
"details": "important"
}
],
"title": "CVE-2018-4180"
},
{
"cve": "CVE-2018-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4181"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4181",
"url": "https://www.suse.com/security/cve/CVE-2018-4181"
},
{
"category": "external",
"summary": "SUSE Bug 1096406 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1105281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-07T10:47:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-4181"
},
{
"cve": "CVE-2018-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4182"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4182",
"url": "https://www.suse.com/security/cve/CVE-2018-4182"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1105281"
},
{
"category": "external",
"summary": "SUSE Bug 1217278 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1217278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-07T10:47:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-4182"
},
{
"cve": "CVE-2018-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4183"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4183",
"url": "https://www.suse.com/security/cve/CVE-2018-4183"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-client-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-32bit-1.3.9-8.46.56.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:cups-libs-x86-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:cups-devel-1.3.9-8.46.56.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-07T10:47:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-4183"
}
]
}
SUSE-SU-2018:2162-1
Vulnerability from csaf_suse - Published: 2018-08-01 12:02 - Updated: 2018-08-01 12:02Summary
Security update for cups
Notes
Title of the patch
Security update for cups
Description of the patch
This update for cups fixes the following issues:
The following security vulnerabilities were fixed:
- CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that
was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018)
- Fixed a local privilege escalation to root and sandbox bypasses in the
scheduler
- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend
(bsc#1096405)
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include
directive (bsc#1096406)
- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling
(bsc#1096407)
- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration
(bsc#1096408)
The following other issue was fixed:
- Fixed authorization check for clients (like samba) connected through the
local socket when Kerberos authentication is enabled (bsc#1050082)
Patchnames
SUSE-SLE-DESKTOP-12-SP3-2018-1471,SUSE-SLE-SDK-12-SP3-2018-1471,SUSE-SLE-SERVER-12-SP3-2018-1471
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cups",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cups fixes the following issues:\n\nThe following security vulnerabilities were fixed:\n\n- CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that\n was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018)\n- Fixed a local privilege escalation to root and sandbox bypasses in the\n scheduler\n- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend\n (bsc#1096405)\n- CVE-2018-4181: Limited local file reads as root via cupsd.conf include\n directive (bsc#1096406)\n- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling\n (bsc#1096407)\n- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration\n (bsc#1096408)\n\nThe following other issue was fixed:\n\n- Fixed authorization check for clients (like samba) connected through the\n local socket when Kerberos authentication is enabled (bsc#1050082)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-1471,SUSE-SLE-SDK-12-SP3-2018-1471,SUSE-SLE-SERVER-12-SP3-2018-1471",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2162-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2162-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182162-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2162-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004364.html"
},
{
"category": "self",
"summary": "SUSE Bug 1050082",
"url": "https://bugzilla.suse.com/1050082"
},
{
"category": "self",
"summary": "SUSE Bug 1061066",
"url": "https://bugzilla.suse.com/1061066"
},
{
"category": "self",
"summary": "SUSE Bug 1087018",
"url": "https://bugzilla.suse.com/1087018"
},
{
"category": "self",
"summary": "SUSE Bug 1096405",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "self",
"summary": "SUSE Bug 1096406",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "self",
"summary": "SUSE Bug 1096407",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "self",
"summary": "SUSE Bug 1096408",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18248 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2018-4183/"
}
],
"title": "Security update for cups",
"tracking": {
"current_release_date": "2018-08-01T12:02:19Z",
"generator": {
"date": "2018-08-01T12:02:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2162-1",
"initial_release_date": "2018-08-01T12:02:19Z",
"revision_history": [
{
"date": "2018-08-01T12:02:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.14.1.aarch64",
"product": {
"name": "cups-ddk-1.7.5-20.14.1.aarch64",
"product_id": "cups-ddk-1.7.5-20.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.14.1.aarch64",
"product": {
"name": "cups-devel-1.7.5-20.14.1.aarch64",
"product_id": "cups-devel-1.7.5-20.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-1.7.5-20.14.1.aarch64",
"product": {
"name": "cups-1.7.5-20.14.1.aarch64",
"product_id": "cups-1.7.5-20.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.14.1.aarch64",
"product": {
"name": "cups-client-1.7.5-20.14.1.aarch64",
"product_id": "cups-client-1.7.5-20.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.14.1.aarch64",
"product": {
"name": "cups-libs-1.7.5-20.14.1.aarch64",
"product_id": "cups-libs-1.7.5-20.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.14.1.ppc64le",
"product": {
"name": "cups-ddk-1.7.5-20.14.1.ppc64le",
"product_id": "cups-ddk-1.7.5-20.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.14.1.ppc64le",
"product": {
"name": "cups-devel-1.7.5-20.14.1.ppc64le",
"product_id": "cups-devel-1.7.5-20.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-1.7.5-20.14.1.ppc64le",
"product": {
"name": "cups-1.7.5-20.14.1.ppc64le",
"product_id": "cups-1.7.5-20.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.14.1.ppc64le",
"product": {
"name": "cups-client-1.7.5-20.14.1.ppc64le",
"product_id": "cups-client-1.7.5-20.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.14.1.ppc64le",
"product": {
"name": "cups-libs-1.7.5-20.14.1.ppc64le",
"product_id": "cups-libs-1.7.5-20.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-ddk-1.7.5-20.14.1.s390x",
"product_id": "cups-ddk-1.7.5-20.14.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-devel-1.7.5-20.14.1.s390x",
"product_id": "cups-devel-1.7.5-20.14.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-1.7.5-20.14.1.s390x",
"product_id": "cups-1.7.5-20.14.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-client-1.7.5-20.14.1.s390x",
"product_id": "cups-client-1.7.5-20.14.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-libs-1.7.5-20.14.1.s390x",
"product_id": "cups-libs-1.7.5-20.14.1.s390x"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.7.5-20.14.1.s390x",
"product": {
"name": "cups-libs-32bit-1.7.5-20.14.1.s390x",
"product_id": "cups-libs-32bit-1.7.5-20.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cups-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-1.7.5-20.14.1.x86_64",
"product_id": "cups-1.7.5-20.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-client-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-client-1.7.5-20.14.1.x86_64",
"product_id": "cups-client-1.7.5-20.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-libs-1.7.5-20.14.1.x86_64",
"product_id": "cups-libs-1.7.5-20.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-libs-32bit-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-libs-32bit-1.7.5-20.14.1.x86_64",
"product_id": "cups-libs-32bit-1.7.5-20.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-ddk-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-ddk-1.7.5-20.14.1.x86_64",
"product_id": "cups-ddk-1.7.5-20.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "cups-devel-1.7.5-20.14.1.x86_64",
"product": {
"name": "cups-devel-1.7.5-20.14.1.x86_64",
"product_id": "cups-devel-1.7.5-20.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-ddk-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-ddk-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-ddk-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-ddk-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-ddk-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-devel-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-devel-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-devel-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-devel-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-devel-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-client-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-libs-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-libs-32bit-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-client-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-client-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-client-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-client-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-client-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64"
},
"product_reference": "cups-libs-1.7.5-20.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le"
},
"product_reference": "cups-libs-1.7.5-20.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-libs-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x"
},
"product_reference": "cups-libs-32bit-1.7.5-20.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cups-libs-32bit-1.7.5-20.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64"
},
"product_reference": "cups-libs-32bit-1.7.5-20.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18248"
}
],
"notes": [
{
"category": "general",
"text": "The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18248",
"url": "https://www.suse.com/security/cve/CVE-2017-18248"
},
{
"category": "external",
"summary": "SUSE Bug 1087018 for CVE-2017-18248",
"url": "https://bugzilla.suse.com/1087018"
},
{
"category": "external",
"summary": "SUSE Bug 1087072 for CVE-2017-18248",
"url": "https://bugzilla.suse.com/1087072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-01T12:02:19Z",
"details": "moderate"
}
],
"title": "CVE-2017-18248"
},
{
"cve": "CVE-2018-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4180"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4180",
"url": "https://www.suse.com/security/cve/CVE-2018-4180"
},
{
"category": "external",
"summary": "SUSE Bug 1096405 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096405"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4180",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-01T12:02:19Z",
"details": "important"
}
],
"title": "CVE-2018-4180"
},
{
"cve": "CVE-2018-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4181"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4181",
"url": "https://www.suse.com/security/cve/CVE-2018-4181"
},
{
"category": "external",
"summary": "SUSE Bug 1096406 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096406"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4181",
"url": "https://bugzilla.suse.com/1105281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-01T12:02:19Z",
"details": "moderate"
}
],
"title": "CVE-2018-4181"
},
{
"cve": "CVE-2018-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4182"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4182",
"url": "https://www.suse.com/security/cve/CVE-2018-4182"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1096408"
},
{
"category": "external",
"summary": "SUSE Bug 1105281 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1105281"
},
{
"category": "external",
"summary": "SUSE Bug 1217278 for CVE-2018-4182",
"url": "https://bugzilla.suse.com/1217278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-01T12:02:19Z",
"details": "moderate"
}
],
"title": "CVE-2018-4182"
},
{
"cve": "CVE-2018-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-4183"
}
],
"notes": [
{
"category": "general",
"text": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-4183",
"url": "https://www.suse.com/security/cve/CVE-2018-4183"
},
{
"category": "external",
"summary": "SUSE Bug 1096407 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096407"
},
{
"category": "external",
"summary": "SUSE Bug 1096408 for CVE-2018-4183",
"url": "https://bugzilla.suse.com/1096408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-client-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cups-libs-32bit-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-ddk-1.7.5-20.14.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:cups-devel-1.7.5-20.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-01T12:02:19Z",
"details": "moderate"
}
],
"title": "CVE-2018-4183"
}
]
}
CNVD-2019-01546
Vulnerability from cnvd - Published: 2019-01-15
VLAI Severity ?
Title
Apple macOS High Sierra CUPS沙盒绕过漏洞(CNVD-2019-01546)
Description
Apple macOS High Sierra是美国苹果(Apple)公司的一套专为Mac计算机所开发的专用操作系统。CUPS是其中的一个开源的用于OS X和类Unix系统的打印系统组件。
Apple macOS High Sierra 10.13.4版本中的CUPS组件存在安全漏洞。攻击者可利用该漏洞绕过沙盒限制。
Severity
中
Patch Name
Apple macOS High Sierra CUPS沙盒绕过漏洞(CNVD-2019-01546)的补丁
Patch Description
Apple macOS High Sierra是美国苹果(Apple)公司的一套专为Mac计算机所开发的专用操作系统。CUPS是其中的一个开源的用于OS X和类Unix系统的打印系统组件。
Apple macOS High Sierra 10.13.4版本中的CUPS组件存在安全漏洞。攻击者可利用该漏洞绕过沙盒限制。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://support.apple.com/zh-cn/HT208849
Reference
https://support.apple.com/zh-cn/HT208849
Impacted products
| Name | Apple macOS High Sierra 10.13.4 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-4182",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4182"
}
},
"description": "Apple macOS High Sierra\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002CUPS\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5f00\u6e90\u7684\u7528\u4e8eOS X\u548c\u7c7bUnix\u7cfb\u7edf\u7684\u6253\u5370\u7cfb\u7edf\u7ec4\u4ef6\u3002\n\nApple macOS High Sierra 10.13.4\u7248\u672c\u4e2d\u7684CUPS\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6c99\u76d2\u9650\u5236\u3002",
"discovererName": "Dan Bastone of Gotham Digital Science",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://support.apple.com/zh-cn/HT208849",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-01546",
"openTime": "2019-01-15",
"patchDescription": "Apple macOS High Sierra\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002CUPS\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5f00\u6e90\u7684\u7528\u4e8eOS X\u548c\u7c7bUnix\u7cfb\u7edf\u7684\u6253\u5370\u7cfb\u7edf\u7ec4\u4ef6\u3002\r\n\r\nApple macOS High Sierra 10.13.4\u7248\u672c\u4e2d\u7684CUPS\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6c99\u76d2\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apple macOS High Sierra CUPS\u6c99\u76d2\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2019-01546\uff09\u7684\u8865\u4e01",
"products": {
"product": "Apple macOS High Sierra 10.13.4"
},
"referenceLink": "https://support.apple.com/zh-cn/HT208849",
"serverity": "\u4e2d",
"submitTime": "2019-01-15",
"title": "Apple macOS High Sierra CUPS\u6c99\u76d2\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2019-01546\uff09"
}
VAR-201901-1019
Vulnerability from variot - Updated: 2024-02-13 19:56In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. macOS High Sierra Contains an access vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. CUPS is one of the open source printing system components for OS X and Unix-like systems. An attacker could exploit this vulnerability to bypass sandbox restrictions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Debian Security Advisory DSA-4243-1 security@debian.org https://www.debian.org/security/ Luciano Bello July 11, 2018 https://www.debian.org/security/faq
Package : cups CVE ID : CVE-2017-15400 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-6553
Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System. These issues have been identified with the following CVE ids:
CVE-2017-15400
Rory McNamara discovered that an attacker is able to execute arbitrary
commands (with the privilege of the CUPS daemon) by setting a
malicious IPP server with a crafted PPD file.
CVE-2018-4180
Dan Bastone of Gotham Digital Science discovered that a local
attacker with access to cupsctl could escalate privileges by setting
an environment variable.
CVE-2018-4181
Eric Rafaloff and John Dunlap of Gotham Digital Science discovered
that a local attacker can perform limited reads of arbitrary files
as root by manipulating cupsd.conf.
CVE-2018-4182
Dan Bastone of Gotham Digital Science discovered that an attacker
with sandboxed root access can execute backends without a sandbox
profile by provoking an error in CUPS' profile creation.
CVE-2018-4183
Dan Bastone and Eric Rafaloff of Gotham Digital Science discovered
that an attacker with sandboxed root access can execute arbitrary
commands as unsandboxed root by modifying /etc/cups/cups-files.conf
CVE-2018-6553
Dan Bastone of Gotham Digital Science discovered that an attacker
can bypass the AppArmor cupsd sandbox by invoking the dnssd backend
using an alternate name that has been hard linked to dnssd.
For the stable distribution (stretch), these problems have been fixed in version 2.2.1-8+deb9u2.
We recommend that you upgrade your cups packages.
For the detailed security status of cups please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cups
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEayzFlnvRveqeWJspbsLe9o/+N3QFAltGE+0ACgkQbsLe9o/+ N3RzTBAAog31K8+nfhrds2NQZeWaz0rGevs6hHj5wuf40FemG0IoHYfl7xba66Fx gVTZSDbpOuFnG1YQet0UpfsXsogTuaPv6/qP89YASEM8ncLSgBUTKS1bK7VM6SyP NZCWUmjmfsyf0yv7tvnWnq0k5I6MwHRRX6l0fI+treXz0nwjXDIPnKH1Xbv4zW1Y TTpmxD4FknyzkXJGxJoBwMcclPGCkT6W1IrBPQrjscUJvFBWiNW3umAoiuv+aCCr sM+raoK0SJTLFJ289AhrXajKilt0SfTHly12mpxUKnyevPCAz5o+nbtQMhQrALLQ foRuTAfI3WhubZFd7bTUjhrVo1nhS4khnmriyRxsCL7o19dc5rfQd1fO1IvCDQCb YtnWhDD7Tfzspetpr5kUk/pbB1U//uyWDFji73ZURFPbn5Pa+Z80OUGIRd9IIlNg ODJsNq5X/bjwoJgwJwi3W6SieyNWKBaTR5Ktk2iqBOJQ++KqV3BmsCVI/B/5NFnV /heBZYugaknsmdQVbdKa9jv3GIr4TE4frqJJrAsZ0KGnlKNNzoe3pQIk6nA0f/4d z3JalPDGwfL+Qq2AAJlqx2346ro0bViHUAGXJc1zsx44LHBVaRotV+a0gTXsh3z/ 3tQIHs2KZ4KRzczK7pbDDbeSEsaL6XsWb0vXbG2ZNAHoGxV7jQo= =g0fa -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201908-08
https://security.gentoo.org/
Severity: Normal Title: CUPS: Multiple vulnerabilities Date: August 15, 2019 Bugs: #660954 ID: 201908-08
Synopsis
Multiple vulnerabilities have been found in CUPS, the worst of which could result in the arbitrary execution of code.
Background
CUPS, the Common Unix Printing System, is a full-featured print server.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 2.2.8 >= 2.2.8
Description
Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All CUPS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-2.2.8"
References
[ 1 ] CVE-2017-15400 https://nvd.nist.gov/vuln/detail/CVE-2017-15400 [ 2 ] CVE-2018-4180 https://nvd.nist.gov/vuln/detail/CVE-2018-4180 [ 3 ] CVE-2018-4181 https://nvd.nist.gov/vuln/detail/CVE-2018-4181 [ 4 ] CVE-2018-4182 https://nvd.nist.gov/vuln/detail/CVE-2018-4182 [ 5 ] CVE-2018-4183 https://nvd.nist.gov/vuln/detail/CVE-2018-4183 [ 6 ] CVE-2018-6553 https://nvd.nist.gov/vuln/detail/CVE-2018-6553
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201908-08
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-1019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.1.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.13.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "154076"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
}
],
"trust": 0.7
},
"cve": "CVE-2018-4182",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-4182",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-134213",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4182",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4182",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-395",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134213",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-4182",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. macOS High Sierra Contains an access vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. CUPS is one of the open source printing system components for OS X and Unix-like systems. An attacker could exploit this vulnerability to bypass sandbox restrictions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4243-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nJuly 11, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cups\nCVE ID : CVE-2017-15400 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 \n CVE-2018-4183 CVE-2018-6553\n\nSeveral vulnerabilities were discovered in CUPS, the Common UNIX Printing\nSystem. These issues have been identified with the following CVE ids:\n\nCVE-2017-15400\n\n Rory McNamara discovered that an attacker is able to execute arbitrary\n commands (with the privilege of the CUPS daemon) by setting a\n malicious IPP server with a crafted PPD file. \n\nCVE-2018-4180\n\n Dan Bastone of Gotham Digital Science discovered that a local\n attacker with access to cupsctl could escalate privileges by setting\n an environment variable. \n\nCVE-2018-4181\n\n Eric Rafaloff and John Dunlap of Gotham Digital Science discovered\n that a local attacker can perform limited reads of arbitrary files\n as root by manipulating cupsd.conf. \n\nCVE-2018-4182\n\n Dan Bastone of Gotham Digital Science discovered that an attacker\n with sandboxed root access can execute backends without a sandbox\n profile by provoking an error in CUPS\u0027 profile creation. \n\nCVE-2018-4183\n\n Dan Bastone and Eric Rafaloff of Gotham Digital Science discovered\n that an attacker with sandboxed root access can execute arbitrary\n commands as unsandboxed root by modifying /etc/cups/cups-files.conf\n\nCVE-2018-6553\n\n Dan Bastone of Gotham Digital Science discovered that an attacker\n can bypass the AppArmor cupsd sandbox by invoking the dnssd backend\n using an alternate name that has been hard linked to dnssd. \n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.2.1-8+deb9u2. \n\nWe recommend that you upgrade your cups packages. \n\nFor the detailed security status of cups please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/cups\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEayzFlnvRveqeWJspbsLe9o/+N3QFAltGE+0ACgkQbsLe9o/+\nN3RzTBAAog31K8+nfhrds2NQZeWaz0rGevs6hHj5wuf40FemG0IoHYfl7xba66Fx\ngVTZSDbpOuFnG1YQet0UpfsXsogTuaPv6/qP89YASEM8ncLSgBUTKS1bK7VM6SyP\nNZCWUmjmfsyf0yv7tvnWnq0k5I6MwHRRX6l0fI+treXz0nwjXDIPnKH1Xbv4zW1Y\nTTpmxD4FknyzkXJGxJoBwMcclPGCkT6W1IrBPQrjscUJvFBWiNW3umAoiuv+aCCr\nsM+raoK0SJTLFJ289AhrXajKilt0SfTHly12mpxUKnyevPCAz5o+nbtQMhQrALLQ\nfoRuTAfI3WhubZFd7bTUjhrVo1nhS4khnmriyRxsCL7o19dc5rfQd1fO1IvCDQCb\nYtnWhDD7Tfzspetpr5kUk/pbB1U//uyWDFji73ZURFPbn5Pa+Z80OUGIRd9IIlNg\nODJsNq5X/bjwoJgwJwi3W6SieyNWKBaTR5Ktk2iqBOJQ++KqV3BmsCVI/B/5NFnV\n/heBZYugaknsmdQVbdKa9jv3GIr4TE4frqJJrAsZ0KGnlKNNzoe3pQIk6nA0f/4d\nz3JalPDGwfL+Qq2AAJlqx2346ro0bViHUAGXJc1zsx44LHBVaRotV+a0gTXsh3z/\n3tQIHs2KZ4KRzczK7pbDDbeSEsaL6XsWb0vXbG2ZNAHoGxV7jQo=\n=g0fa\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201908-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: CUPS: Multiple vulnerabilities\n Date: August 15, 2019\n Bugs: #660954\n ID: 201908-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in CUPS, the worst of which\ncould result in the arbitrary execution of code. \n\nBackground\n==========\n\nCUPS, the Common Unix Printing System, is a full-featured print server. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-print/cups \u003c 2.2.8 \u003e= 2.2.8 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in CUPS. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-2.2.8\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-15400\n https://nvd.nist.gov/vuln/detail/CVE-2017-15400\n[ 2 ] CVE-2018-4180\n https://nvd.nist.gov/vuln/detail/CVE-2018-4180\n[ 3 ] CVE-2018-4181\n https://nvd.nist.gov/vuln/detail/CVE-2018-4181\n[ 4 ] CVE-2018-4182\n https://nvd.nist.gov/vuln/detail/CVE-2018-4182\n[ 5 ] CVE-2018-4183\n https://nvd.nist.gov/vuln/detail/CVE-2018-4183\n[ 6 ] CVE-2018-6553\n https://nvd.nist.gov/vuln/detail/CVE-2018-6553\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201908-08\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2019 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "PACKETSTORM",
"id": "148503"
},
{
"db": "PACKETSTORM",
"id": "154076"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4182",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVNVU98864649",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "154076",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134213",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148503",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "PACKETSTORM",
"id": "148503"
},
{
"db": "PACKETSTORM",
"id": "154076"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"id": "VAR-201901-1019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134213"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T19:56:21.139000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208849",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208849"
},
{
"title": "HT208849",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208849"
},
{
"title": "Apple macOS High Sierra CUPS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88559"
},
{
"title": "Debian CVElist Bug Report Logs: cups: CVE-2018-6553",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6c21552f0cd7f35a80acbcf87758caaf"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-285",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201908-08"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208849"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/security/cve/cve-2018-4182"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4182"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4182"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98864649/index.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154076/gentoo-linux-security-advisory-201908-08.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4183"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6553"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4180"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4181"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15400"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903605"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/cups"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "PACKETSTORM",
"id": "148503"
},
{
"db": "PACKETSTORM",
"id": "154076"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134213"
},
{
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"db": "PACKETSTORM",
"id": "148503"
},
{
"db": "PACKETSTORM",
"id": "154076"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-11T00:00:00",
"db": "VULHUB",
"id": "VHN-134213"
},
{
"date": "2019-01-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"date": "2019-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"date": "2018-07-11T15:36:35",
"db": "PACKETSTORM",
"id": "148503"
},
{
"date": "2019-08-15T20:22:49",
"db": "PACKETSTORM",
"id": "154076"
},
{
"date": "2019-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"date": "2019-01-11T18:29:01.127000",
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134213"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4182"
},
{
"date": "2019-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013601"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-395"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-4182"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "macOS High Sierra Access vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013601"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-395"
}
],
"trust": 0.6
}
}
FKIE_CVE-2018-4182
Vulnerability from fkie_nvd - Published: 2019-01-11 18:29 - Updated: 2024-11-21 04:06
Severity ?
Summary
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B9799C-6891-4D51-9E17-92D1407740F9",
"versionEndExcluding": "10.13.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS."
},
{
"lang": "es",
"value": "En macOS High Sierra en versiones anteriores a la 10.13.5, se abord\u00f3 un problema de acceso con restricciones adicionales del sandbox en CUPS."
}
],
"id": "CVE-2018-4182",
"lastModified": "2024-11-21T04:06:55.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-11T18:29:01.127",
"references": [
{
"source": "product-security@apple.com",
"url": "https://security.gentoo.org/glsa/201908-08"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT208849"
},
{
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4243"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-4182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201908-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT208849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4243"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-77QC-WCQ2-M5V2
Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52
VLAI?
Details
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
Severity ?
8.2 (High)
{
"affected": [],
"aliases": [
"CVE-2018-4182"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-11T18:29:00Z",
"severity": "HIGH"
},
"details": "In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.",
"id": "GHSA-77qc-wcq2-m5v2",
"modified": "2022-05-13T01:52:38Z",
"published": "2022-05-13T01:52:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4182"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2018-4182"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201908-08"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208849"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4243"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…