CVE-2025-3155
high-risk
Published 2025-04-03
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
Do I need to act?
-
0.67% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Yelp
Codeready Linux Builder For Arm64
Codeready Linux Builder For Arm64
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Arm64 Eus
Codeready Linux Builder For Eus
Codeready Linux Builder For Eus
Codeready Linux Builder For Eus
Codeready Linux Builder For Ibm Z Systems
Codeready Linux Builder For Ibm Z Systems
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Ibm Z Systems Eus
Codeready Linux Builder For Power Little Endian
References (15)
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4450
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4451
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4455
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4456
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4457
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4505
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:4532
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:7430
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:7569
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2025-3155
55
/ 100
high-risk
Severity
26/34 · High
Exploitability
2/34 · Minimal
Exposure
27/34 · High