Versions mentioned in the description apply to the upstream
Remediation section below for
Debian:10 relevant versions.
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
cups to version 2.2.3-2 or higher.