View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-3537 severity moderate: SUSE including 407 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 545 product×package rows across 77 product lines (HPE Helion OpenStack 8, SUSE Linux Enterprise Desktop 11 SP3, … (77 product lines)): Fixed 325, Known Affected 157, Known Not Affected 63.
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.