CVE-2025-3155 Information

Apr 04, 2025 cve

Description

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents which may exfiltrate user files to an external environment.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

https://access.redhat.com/security/cve/CVE-2025-3155 https://bugzilla.redhat.com/show_bug.cgi?id=2357091

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5

Share on: