31 matches found
Astra Linux - Vulnerability in yelp, yelp-xsl
A flaw was discovered in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability enables malicious users to input help documents, which may result in the exfiltration of user files to an external environment...
Amazon Linux 2 : yelp, --advisory ALAS2-2026-3337 (ALAS-2026-3337)
The version of yelp installed on the remote host is prior to 3.28.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3337 advisory. A sandbox escape vulnerability was found in yelp, the GNOME help viewer. Bypassing the fix for CVE-2025-3155, a malicious help docume...
Debian dsa-6319 : libyelp-dev - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6319 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6319-1 [email protected] https://www.debian.org/security/...
RockyLinux 9 : yelp (RLSA-2025:7430)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7430 advisory. yelp: Arbitrary file read CVE-2025-3155 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that Nessus has...
EUVD-2025-9635
Malicious code in bioql PyPI...
Fedora 42 : yelp / yelp-xsl (2025-e788608959)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e788608959 advisory. Fix CVE-2025-3155 - arbitrary file-read. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Medium: yelp-xsl
Issue Overview: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. CVE-2025-3155 Affected Packages: yelp-xsl...
Medium: yelp
Issue Overview: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. CVE-2025-3155 Affected Packages: yelp Not...
Medium: yelp
Issue Overview: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. CVE-2025-3155 Affected Packages: yelp Not...
Alibaba Cloud Linux 3 : 0078: yelp (ALINUX3-SA-2025:0078)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0078 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-3155: A flaw was found in Yelp. The Gnome...
AlmaLinux 9 : yelp (ALSA-2025:7430)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7430 advisory. yelp: Arbitrary file read CVE-2025-3155 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has n...
Oracle Linux 8 : yelp / and / yelp-xsl (ELSA-2025-7569)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7569 advisory. - Fix CVE-2025-3155 RHEL-85922 yelp-xsl Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
yelp: Arbitrary file read
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...
RHEL 9 : yelp (RHSA-2025:4505)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4505 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
RHEL 8 : yelp (RHSA-2025:4532)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4532 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
yelp: Arbitrary file read
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...
yelp: Arbitrary file read
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment...
RHEL 9 : yelp (RHSA-2025:4456)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4456 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
RHEL 8 : yelp (RHSA-2025:4451)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4451 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
USN-7447-1: Yelp vulnerability
It was discovered that Yelp incorrectly handled paths in ghelp URLs. A remote attacker could use this issue to trick users into opening malicious downloaded help files and exfiltrate sensitive information...