cvedb.io
CVE-2017-18248
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2018-03-26T17:29:00.207 · Last modified 2026-06-17T01:12:28.640

Summary

The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.

Affected products

apple — cups

Does this affect you?

Add your gear to cvedb and we'll alert you only when apple ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.