{"id":"UBUNTU-CVE-2025-55174","details":"In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.","modified":"2026-01-20T20:05:03.363861Z","published":"2025-11-26T06:15:00Z","upstream":["CVE-2025-55174"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-55174"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2025-55174"},{"type":"REPORT","url":"https://kde.org/info/security/advisory-20250811-1.txt"},{"type":"REPORT","url":"https://commits.kde.org/skanpage/19308900da27b46739f2360426b91479e7179a2f"},{"type":"REPORT","url":"https://github.com/KDE/skanpage/tags"},{"type":"REPORT","url":"https://invent.kde.org/utilities/skanpage/-/commit/de3ad2941054a26920e022dc7c4a3dc16c065b5a"}],"affected":[{"package":{"name":"skanpage","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/skanpage@23.08.5-0ubuntu6?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["23.08.1-0ubuntu1","23.08.2-0ubuntu1","23.08.3-0ubuntu1","23.08.4-0ubuntu1","23.08.5-0ubuntu1","23.08.5-0ubuntu2","23.08.5-0ubuntu3","23.08.5-0ubuntu4","23.08.5-0ubuntu6"],"ecosystem_specific":{"binaries":[{"binary_name":"skanpage","binary_version":"23.08.5-0ubuntu6"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-55174.json"}},{"package":{"name":"skanpage","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/skanpage@25.08.1-0ubuntu1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["24.12.3-0ubuntu1","25.04.0-0ubuntu1","25.04.1-0ubuntu1","25.04.2-0ubuntu1","25.04.2-1ubuntu1","25.04.3-0ubuntu1","25.07.80-0ubuntu1","25.07.90-0ubuntu1","25.08.0-0ubuntu1","25.08.1-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"skanpage","binary_version":"25.08.1-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-55174.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}