AZL-67112

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67112.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-67112

Upstream

CVE-2025-58060

Published

2025-09-11T18:15:34Z

Modified

2026-04-01T05:21:48.491738Z

Summary

CVE-2025-58060 affecting package cups for versions less than 2.4.13-1

Details

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in authentication bypass. Any configuration that allows an AuthType that is not Basic is affected. Version 2.4.13 fixes the issue.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-58060

Affected packages

Azure Linux:3 / cups

Package

Name: cups
Purl: pkg:rpm/azure-linux/cups

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.13-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67112.json"