DEBIAN-CVE-2019-2180

DEBIAN-CVE-2019-2180 PUBLISHED CVSS 5.5 MEDIUM

In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS v3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:13	cups	0, 0, 0
Debian:14	cups	0, 0, 0
Debian:12	cups	0, 0, 0
Debian:11	cups	0, 0, 0

Timeline

Sep 5, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-2180 advisory

Open in Interactive Console →