Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/cups@2.4.13-r0?arch=ppc64le&distroversion=edge&reponame=main

Type apk

Namespace alpine

Name cups

Version 2.4.13-r0

Qualifiers

arch	ppc64le
distroversion	edge
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.4.16-r0

Latest_non_vulnerable_version 2.4.18-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5rcm-bxt2-cuev

vulnerability_id VCID-5rcm-bxt2-cuev

summary OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector "Network" is possible. The current versions of CUPS and cups-browsed projects have the attack vector "Adjacent" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58364.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-58364

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37394
published_at	2026-06-05T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.374
published_at	2026-06-06T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.39944
published_at	2026-06-08T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.39971
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-58364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58364

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2393078
reference_id	2393078
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2393078

reference_url

https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d

reference_id

e58cba9d6fceed4242980e51dbd1302cf638ab1d

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T17:37:26Z/

url

https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d

reference_url

https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4

reference_id

GHSA-7qx3-r744-6qv4

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T17:37:26Z/

url

https://github.com/OpenPrinting/cups/security/advisories/GHSA-7qx3-r744-6qv4

reference_url	https://access.redhat.com/errata/RHSA-2025:15700
reference_id	RHSA-2025:15700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15700

reference_url	https://access.redhat.com/errata/RHSA-2025:15701
reference_id	RHSA-2025:15701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15701

reference_url	https://access.redhat.com/errata/RHSA-2025:16590
reference_id	RHSA-2025:16590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16590

reference_url	https://access.redhat.com/errata/RHSA-2025:16591
reference_id	RHSA-2025:16591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16591

reference_url	https://access.redhat.com/errata/RHSA-2025:16592
reference_id	RHSA-2025:16592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16592

reference_url	https://access.redhat.com/errata/RHSA-2025:22063
reference_id	RHSA-2025:22063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22063

reference_url	https://access.redhat.com/errata/RHSA-2026:8814
reference_id	RHSA-2026:8814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8814

reference_url	https://usn.ubuntu.com/7745-1/
reference_id	USN-7745-1
reference_type
scores
url	https://usn.ubuntu.com/7745-1/

fixed_packages

url	pkg:apk/alpine/cups@2.4.13-r0?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/cups@2.4.13-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cups@2.4.13-r0%3Farch=ppc64le&distroversion=edge&reponame=main

aliases CVE-2025-58364

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rcm-bxt2-cuev

url VCID-zta3-u1xk-vubz

vulnerability_id VCID-zta3-u1xk-vubz

summary OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58060.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58060.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-58060

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16982
published_at	2026-06-05T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16978
published_at	2026-06-06T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17278
published_at	2026-06-08T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17357
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-58060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58060

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2392595
reference_id	2392595
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2392595

reference_url

https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221

reference_id

595d691075b1d396d2edfaa0a8fd0873a0a1f221

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-11T17:33:32Z/

url

https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221

reference_url

https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq

reference_id

GHSA-4c68-qgrh-rmmq

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-11T17:33:32Z/

url

https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq

reference_url	https://access.redhat.com/errata/RHSA-2025:15700
reference_id	RHSA-2025:15700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15700

reference_url	https://access.redhat.com/errata/RHSA-2025:15701
reference_id	RHSA-2025:15701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15701

reference_url	https://access.redhat.com/errata/RHSA-2025:15702
reference_id	RHSA-2025:15702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15702

reference_url	https://access.redhat.com/errata/RHSA-2025:16590
reference_id	RHSA-2025:16590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16590

reference_url	https://access.redhat.com/errata/RHSA-2025:16591
reference_id	RHSA-2025:16591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16591

reference_url	https://access.redhat.com/errata/RHSA-2025:16592
reference_id	RHSA-2025:16592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16592

reference_url	https://access.redhat.com/errata/RHSA-2025:17049
reference_id	RHSA-2025:17049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17049

reference_url	https://access.redhat.com/errata/RHSA-2025:17054
reference_id	RHSA-2025:17054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17054

reference_url	https://access.redhat.com/errata/RHSA-2025:17141
reference_id	RHSA-2025:17141
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17141

reference_url	https://access.redhat.com/errata/RHSA-2025:17144
reference_id	RHSA-2025:17144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17144

reference_url	https://access.redhat.com/errata/RHSA-2025:17164
reference_id	RHSA-2025:17164
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17164

reference_url	https://access.redhat.com/errata/RHSA-2025:19894
reference_id	RHSA-2025:19894
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19894

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://access.redhat.com/errata/RHSA-2026:8814
reference_id	RHSA-2026:8814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8814

reference_url	https://usn.ubuntu.com/7745-1/
reference_id	USN-7745-1
reference_type
scores
url	https://usn.ubuntu.com/7745-1/

fixed_packages

url	pkg:apk/alpine/cups@2.4.13-r0?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/cups@2.4.13-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cups@2.4.13-r0%3Farch=ppc64le&distroversion=edge&reponame=main

aliases CVE-2025-58060

risk_score 3.6

exploitability 0.5

weighted_severity 7.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zta3-u1xk-vubz

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cups@2.4.13-r0%3Farch=ppc64le&distroversion=edge&reponame=main

Package Instance