Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2026-13601

Medium priority
Needs evaluation

A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an...

1 affected package

yelp

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
yelp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-3155

Medium priority

Some fixes available 5 of 7

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

1 affected package

yelp

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
yelp Not affected Fixed Fixed Fixed Needs evaluation
Show less packages

CVE-2008-3533

Low priority
Fixed

Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the...

1 affected package

yelp

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
yelp
Show less packages