Bug 2494118 - CVE-2026-13601 yelp: Overly Permissive Content Security Policy in Yelp Allows Host File Disclosure from Flatpak Applications [epel-all]
Summary: CVE-2026-13601 yelp: Overly Permissive Content Security Policy in Yelp Allows...
Keywords:
Status: NEW
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: yelp
Version: epel10
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
Assignee: David King
QA Contact:
URL:
Whiteboard: {"flaws": ["fa2bfef5-2e52-4d56-8e81-a...
Depends On:
Blocks: CVE-2026-13601
TreeView+ depends on / blocked
 
Reported: 2026-06-29 09:14 UTC by TEJ RATHI
Modified: 2026-06-29 09:14 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type: ---
Embargoed:


Attachments (Terms of Use)

Description TEJ RATHI 2026-06-29 09:14:22 UTC
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

A local sandbox escape and host information disclosure flaw was found in Yelp. A regression introduced in the companion yelp-xsl stylesheet component targets the gnome-42 and master development branches, leaving the application's Content Security Policy (CSP) style handling directives overly permissive.

A malicious or compromised sandboxed Flatpak application can programmatically abuse the standard host org.freedesktop.portal.OpenURI portal interface to pass crafted help layout files (ghelp:// or mallard extensions). Because the system portal processes this request silently without requiring user interaction, host-level Yelp is automatically invoked to parse the file outside the application container. The attacker-controlled layout leverages local XML inclusions to load arbitrary host-level files into memory, which are subsequently exfiltrated out-of-band to a remote server using a background CSS url() query embedded inside a structured SVG document.


Note You need to log in before you can comment on or make changes to this bug.