CVE-2025-55174
3.2
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
Summary
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| KDE | Skanpage | 0 < 25.08.0 | affected |
Weaknesses
- CWE-684: CWE-684 Incorrect Provision of Specified Functionality
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://github.com/KDE/skanpage/tags
- https://invent.kde.org/utilities/skanpage/-/commit/de3ad2941054a26920e022dc7c4a3dc16c065b5a
- https://kde.org/info/security/advisory-20250811-1.txt
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.