INFSA-2025:7430: yelp security update
Information about definition
Identificator: INFSA-2025:7430
Type: security
Release date: 2025-06-10 08:41:27 UTC
Information about package
Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook.
Vulnerabilities description
- CVE-2025-3155
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-3155
|
no information | 7.4 | no information |
Updated packages