HIGH🇬🇧 English

CVE-2025-3155

CVSS 7.4v3.1pub. 2025-04-03upd. 2026-06-29

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
  • Debian

    OS
    Debian
    11.0
  • Gnome Yelp

    APP
    Gnome
    42.2-8
  • Red Hat Codeready Linux Builder

    APP
    Redhat
    8.09.0
  • Red Hat Codeready Linux Builder For Arm64

    APP
    Redhat
    8.0_aarch649.0_aarch64
  • Red Hat Codeready Linux Builder For Arm64 Eus

    APP
    Redhat
    8.8_aarch649.2_aarch649.4_aarch649.6_aarch64
  • Red Hat Codeready Linux Builder For Eus

    APP
    Redhat
    8.89.29.4
  • Red Hat Codeready Linux Builder For IBM Z Systems

    APP
    Redhat
    8.0_s390x9.0_s390x
  • Red Hat Codeready Linux Builder For IBM Z Systems Eus

    APP
    Redhat
    8.8_s390x9.2_s390x9.4_s390x9.6_s390x
  • Red Hat Codeready Linux Builder For Power Little Endian

    APP
    Redhat
    8.0_ppc64le9.0_ppc64le
  • Red Hat Codeready Linux Builder For Power Little Endian Eus

    APP
    Redhat
    8.8_ppc64le9.2_ppc64le9.4_ppc64le9.6_ppc64le
  • Red Hat Enterprise Linux

    OS
    Redhat
    8.09.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    9.29.49.6
  • Red Hat Enterprise Linux For Arm 64

    OS
    Redhat
    8.08.8_aarch649.0_aarch649.2_aarch64
  • Red Hat Enterprise Linux For Arm 64 Eus

    OS
    Redhat
    9.4_aarch649.6_aarch64
  • Red Hat Enterprise Linux For IBM Z Systems

    OS
    Redhat
    8.0_s390x9.0_s390x
  • Red Hat Enterprise Linux For IBM Z Systems Eus

    OS
    Redhat
    8.8_s390x9.2_s390x9.4_s390x9.6_s390x
  • Red Hat Enterprise Linux For Power Little Endian

    OS
    Redhat
    8.0_ppc64le9.0_ppc64le
  • Red Hat Enterprise Linux For Power Little Endian Eus

    OS
    Redhat
    8.8_ppc64le9.2_ppc64le9.4_ppc64le9.6_ppc64le
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    8.28.48.69.29.49.6
  • Red Hat Enterprise Linux Server Tus

    OS
    Redhat
    8.48.68.8
  • Red Hat Enterprise Linux Update Services For Sap Solutions

    OS
    Redhat
    8.48.68.89.09.29.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt

GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE przez deserializację PHP w Roundcube Webmail (parametr _from)

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki