Arbitrary Script Execution Vulnerability in Yelp GNOME User Help Application
CVE-2025-3155

7.4 HIGH

Badges

📈 Score: 1,260 | 👾 Exploit Exists | 📰 News Worthy

What is CVE-2025-3155?

CVE-2025-3155 is a vulnerability in Yelp, a component of the GNOME desktop environment that provides user help resources and documentation. The flaw permits the execution of arbitrary scripts through the help documents that Yelp processes. In organizations that use the GNOME environment, attackers could exploit this vulnerability to manipulate help documentation, potentially allowing them to exfiltrate sensitive user files or manipulate software behavior, leading to severe security breaches.

Technical Details

The vulnerability arises from Yelp's handling of help documents: input in those documents is not adequately validated or sanitized. This flaw enables malicious users to craft help documents that, when accessed, can execute arbitrary scripts on the user's system. As a consequence, attackers can gain unauthorized access to system files and execute arbitrary commands, presenting a significant security risk to affected systems. The vulnerability has been cataloged under CVE-2025-3155, and while it is not currently being actively exploited in the wild, the potential for such exploitation remains a concern.

Potential impact of CVE-2025-3155

  1. Data Exfiltration: The ability for malicious actors to execute arbitrary scripts could lead to the unauthorized extraction of sensitive information from user machines, resulting in data breaches that compromise organizational integrity and confidentiality.

  2. System Compromise: This vulnerability could allow attackers to execute commands on users' systems, potentially leading to further exploitation, unauthorized access, and manipulation of critical system functions, jeopardizing overall security.

  3. Increased Attack Surface: Given that Yelp serves as a help application, the successful exploitation of this vulnerability could lead to a wider range of attack vectors, opening up additional avenues for cybercriminal activity that could affect not just individual users but also the broader network and systems within an organization.

News Articles

PoC Exploit Released for Yelp Flaw that Exposes SSH Keys on Ubuntu Systems

A proof-of-concept (PoC) exploit has been released for CVE-2025-3155, a critical vulnerability in GNOME’s Yelp help viewer that enables attackers to exfiltrate SSH keys and other sensitive files from Ubuntu systems. 

3 weeks ago

PoC Exploit Reveals SSH Key Exposure via Yelp Vulnerability on Ubuntu

Security researchers have uncovered a critical vulnerability (CVE-2025-3155) in Ubuntu's default help browser Yelp that could expose sensitive system.

3 weeks ago

CVSS V3.1

Score: 7.4
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by GBHackers News

  • Vulnerability published

  • Vulnerability Reserved