Description

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

INFO

Published Date :

2025-04-03T13:34:18.878Z

Last Modified :

2025-11-11T12:09:50.059Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-3155 vulnerability.

Vendors Products
Debian
  • Debian Linux
Gnome
  • Yelp
Redhat
  • Codeready Linux Builder
  • Codeready Linux Builder For Arm64
  • Codeready Linux Builder For Arm64 Eus
  • Codeready Linux Builder For Eus
  • Codeready Linux Builder For Ibm Z Systems
  • Codeready Linux Builder For Ibm Z Systems Eus
  • Codeready Linux Builder For Power Little Endian
  • Codeready Linux Builder For Power Little Endian Eus
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Arm 64 Eus
  • Enterprise Linux For Ibm Z Systems
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Enterprise Linux Update Services For Sap Solutions
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-3155.

URL Resource
http://www.openwall.com/lists/oss-security/2025/04/04/1 cve-icon
https://access.redhat.com/errata/RHSA-2025:4450 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4451 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4455 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4456 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4457 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4505 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:4532 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7430 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7569 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-3155 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2357091 cve-icon cve-icon
https://gist.github.com/parrot409/e970b155358d45b298d7024edd9b17f2 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/05/msg00036.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/05/msg00037.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-3155 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-3155 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact