3 matches found
Security update for yelp
This update for yelp fixes the following issues: CVE-2025-3155: JavaScript code execution and arbitrary file read through specially crafted help files and ghelp scheme URLs bsc1240688. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for yelp
This update for yelp fixes the following issues: CVE-2025-3155: JavaScript code execution and arbitrary file read through specially crafted help files and ghelp scheme URLs bsc1240688. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
The vulnerability of the Yelp review system lies in the fact that functions from an unreliable and uncontrolled area are integrated during the processing of documents using the ghelp scheme. This allows a malicious actor to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the Yelp review system lies in the inclusion of functions from an unreliable and uncontrolled area during the processing of documents using the ghelp scheme. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information and...