UBUNTU-CVE-2025-55174
- Source
- https://ubuntu.com/security/CVE-2025-55174
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-55174.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-55174
- Upstream
- Published
- 2025-11-26T06:15:00Z
- Modified
- 2026-01-20T19:04:39.632803Z
- Severity
-
- 3.2 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.
- References
-
- https://ubuntu.com/security/CVE-2025-55174
- https://www.cve.org/CVERecord?id=CVE-2025-55174
- https://kde.org/info/security/advisory-20250811-1.txt
- https://commits.kde.org/skanpage/19308900da27b46739f2360426b91479e7179a2f
- https://github.com/KDE/skanpage/tags
- https://invent.kde.org/utilities/skanpage/-/commit/de3ad2941054a26920e022dc7c4a3dc16c065b5a
Affected packages
Ubuntu:24.04:LTS / skanpage
Package
- Name
- skanpage
- Purl
- pkg:deb/ubuntu/skanpage@23.08.5-0ubuntu6?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
23.*
23.08.1-0ubuntu1
23.08.2-0ubuntu1
23.08.3-0ubuntu1
23.08.4-0ubuntu1
23.08.5-0ubuntu1
23.08.5-0ubuntu2
23.08.5-0ubuntu3
23.08.5-0ubuntu4
23.08.5-0ubuntu6
Ubuntu:25.10 / skanpage
Package
- Name
- skanpage
- Purl
- pkg:deb/ubuntu/skanpage@25.08.1-0ubuntu1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
24.*
24.12.3-0ubuntu1
25.*
25.04.0-0ubuntu1
25.04.1-0ubuntu1
25.04.2-0ubuntu1
25.04.2-1ubuntu1
25.04.3-0ubuntu1
25.07.80-0ubuntu1
25.07.90-0ubuntu1
25.08.0-0ubuntu1
25.08.1-0ubuntu1