Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

INFO

Published Date :

2025-09-11T17:06:32.899Z

Last Modified :

2025-11-04T21:13:22.294Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-58060 vulnerability.

Vendors Products
Linux
  • Linux
Openprinting
  • Cups
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-58060.

URL Resource
http://www.openwall.com/lists/oss-security/2025/09/11/1 cve-icon
https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221 cve-icon cve-icon
https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-58060 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-58060 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact