AZL-53837

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53837.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-53837

Upstream

CVE-2024-47850

Published

2024-10-04T05:15:11Z

Modified

2026-04-01T05:18:08.829471Z

Summary

CVE-2024-47850 affecting package cups for versions less than 1.28.17-3

Details

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-47850

Affected packages

Azure Linux:3 / cups

Package

Name: cups
Purl: pkg:rpm/azure-linux/cups

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.28.17-3

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53837.json"