VDB
GCVE-110-MAGEIA-2018-147
GCVE-110-MAGEIA-2018-147
Advisory Published
Updated cups packages fix security vulnerability:
Jann Horn discovered that CUPS permitted HTTP requests with the Host header set
to "localhost.localdomain" from the loopback interface. If a user were tricked
in to opening a specially crafted website in their web browser, an attacker
could potentially exploit this to obtain sensitive information or control
printers, via a DNS rebinding attack (CVE-2017-18190).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | simgear | 0 (affected), 2018.2.2-5.mga6 (unaffected) | — |
| Mageia | flightgear-data | 0 (affected), 2018.2.2-1.mga6 (unaffected) | — |
| Mageia | flightgear | 0 (affected), 2018.2.2-5.mga6 (unaffected) | — |
| Mageia | cups | 0 (affected), 2.0.4-1.4.mga5 (unaffected), 0 (affected), 2.0.4-1.4.mga5 (unaffected) | — |
References
Flightgear maintenance release
advisory
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.