ГлавнаяУязвимости → CVE-2025-3155
7.4высокая

CVE-2025-3155

→ есть в БДУ: BDU:2025-03944 (на русском)
Описание (на английском; русское — в БДУ выше)

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

Затрагиваемое ПО
Gnome YelpDebian Debian linuxRedhat Codeready linux builderRedhat Codeready linux builder for arm64Redhat Codeready linux builder for arm64 eusRedhat Codeready linux builder for eusRedhat Codeready linux builder for ibm z systemsRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endianRedhat Codeready linux builder for power little endian eusRedhat Enterprise linuxRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian eusRedhat Enterprise linux server ausRedhat Enterprise linux server tusRedhat Enterprise linux update services for sap solutions
CVSS
Балл7.4 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Источники
https://access.redhat.com/errata/RHSA-2025:4450https://access.redhat.com/errata/RHSA-2025:4451https://access.redhat.com/errata/RHSA-2025:4455https://access.redhat.com/errata/RHSA-2025:4456https://access.redhat.com/errata/RHSA-2025:4457https://access.redhat.com/errata/RHSA-2025:4505https://access.redhat.com/errata/RHSA-2025:4532https://access.redhat.com/errata/RHSA-2025:7430