Main Vulnerability Database Vulnerabilities #VU113810

#VU113810 Numeric Truncation Error in Skanpage - CVE-2025-55174

Published: August 12, 2025

Vulnerability identifier: #VU113810

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-55174

CWE-ID: CWE-197

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Skanpage

Software vendor:
KDE.org

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to application does not properly overwrite large files. A remote attacker can trick the victim into overwriting an existing large file, which will lead to the file having contents of the new file at the beginning followed by partial contents of the old file at the end. Such application behavior can lead to information disclosure when the resultant file is shared with an untrusted third-party.

Remediation

Install updates from vendor's website.

External links

https://kde.org/info/security/advisory-20250811-1.txt

#VU113810 Numeric Truncation Error in Skanpage - CVE-2025-55174

Description

Remediation

External links

Please verify you're human