CVE-2014-5031
EPSS 1.6%
Description
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
How to fix CVE-2014-5031
To remediate CVE-2014-5031, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.7.4-2 or later
Is CVE-2014-5031 being exploited?
Low — EPSS is 1.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.7.4-2