CVE-2025-3155

HIGH

7.4

Descripcion

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

Detalles CVE

Puntuacion CVSS v3.17.4

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado4/3/2025

Ultima modificacion8/12/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

debian:debian_linuxgnome:yelpredhat:codeready_linux_builderredhat:codeready_linux_builder_for_arm64redhat:codeready_linux_builder_for_arm64_eusredhat:codeready_linux_builder_for_eusredhat:codeready_linux_builder_for_ibm_z_systemsredhat:codeready_linux_builder_for_ibm_z_systems_eusredhat:codeready_linux_builder_for_power_little_endianredhat:codeready_linux_builder_for_power_little_endian_eusredhat:enterprise_linuxredhat:enterprise_linux_eusredhat:enterprise_linux_for_arm_64redhat:enterprise_linux_for_arm_64_eusredhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_tusredhat:enterprise_linux_update_services_for_sap_solutions