HIGH🇬🇧 English

CVE-2025-58060

CVSS 8.0v3.1pub. 2025-09-11upd. 2025-11-04

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
  • Openprinting Cups

    APP
    Openprinting
    < 2.4.13
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2023-4504HIGH7.0ten sam produkt

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libp...

CVE-2023-32324HIGH7.5ten sam produkt

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulne...

CVE-2026-41079MEDIUM4.3ten sam produkt

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to ...

CVE-2026-39316MEDIUM4.0ten sam produkt

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versio...

CVE-2026-39314MEDIUM4.0ten sam produkt

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versio...