CVE-2019-2180
MEDIUM5.5EPSS 0.02%cups - security update
發布日:2019/9/5修改日:2026/4/28
也稱為:DEBIAN-CVE-2019-2180
描述
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
受影響套件(2)
- Debian/cupsfrom 0, < 2.2.12-1
- Debian/cupsfrom 0, < 1.7.5-11+deb8u5
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |