Bug 2357091 (CVE-2025-3155)

Summary: CVE-2025-3155 yelp: Arbitrary file read
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW
Severity: high
Priority: high
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
Doc Text:
A flaw was found in Yelp. The GNOME user help application allows a help document to execute arbitrary scripts. This vulnerability allows malicious users to supply help documents, which may exfiltrate user files to an external environment.
Bug Depends On: 2357092

Description OSIDB Bzimport 2025-04-03 02:02:39 UTC
Yelp, the GNOME user help application, allows help documents to execute arbitrary JavaScript. A malicious help document may exfiltrate user files to a remote server.

Comment 3 errata-xmlrpc 2025-05-05 07:08:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:4451 https://access.redhat.com/errata/RHSA-2025:4451

Comment 4 errata-xmlrpc 2025-05-05 07:11:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:4450 https://access.redhat.com/errata/RHSA-2025:4450

Comment 5 errata-xmlrpc 2025-05-05 09:18:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:4457 https://access.redhat.com/errata/RHSA-2025:4457

Comment 6 errata-xmlrpc 2025-05-05 09:27:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:4455 https://access.redhat.com/errata/RHSA-2025:4455

Comment 7 errata-xmlrpc 2025-05-05 09:27:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:4456 https://access.redhat.com/errata/RHSA-2025:4456

Comment 8 errata-xmlrpc 2025-05-06 06:03:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:4505 https://access.redhat.com/errata/RHSA-2025:4505

Comment 9 errata-xmlrpc 2025-05-06 12:14:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:4532 https://access.redhat.com/errata/RHSA-2025:4532

Comment 10 errata-xmlrpc 2025-05-13 11:56:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:7430 https://access.redhat.com/errata/RHSA-2025:7430

Comment 11 errata-xmlrpc 2025-05-14 07:59:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:7569 https://access.redhat.com/errata/RHSA-2025:7569