CVE-2025-43023 — Improper Verification of Cryptographic Signature in HP Linux Imaging AND Printing

CWE-347 — Improper Verification of Cryptographic Signature3 documents3 sources

Severity

5.9MEDIUMNVD

EPSS

0.0%

top 90.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Linux Imaging AND Printing HP INC HP Linux Imaging AND Printing Software

Timeline

PublishedJul 28

Description

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA).

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5hp_inc/hp_linux_imaging_and_printing_softwareSee HP security bulletin reference for affected versions

▶NVDhp/linux_imaging_and_printing< 3.25.2

🔴Vulnerability Details

OSV

CVE-2025-43023: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation↗2025-07-28

▶

GHSA

GHSA-f9vh-cwpr-5m8f: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation↗2025-07-28

▶