Approved changes feed: RSS · Atom

cpe:2.3:a:openprinting:cups-browsed:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorOpenprinting (93a57ef6-4097-59be-aade-33c84577f500)
ProductCups Browsed (87415c15-0b72-5de6-89f9-731d7c30c09c)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/openprinting/cups-browsed purl2cpe 2026-06-01 10:12:23.096597

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-47176 vulnerable 2026-06-08 06:48:11.539828 cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source
MEDIUM (5.3)
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
Published: 2024-09-26T21:13:05.913Z
Updated: 2025-11-04T21:08:56.576Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.