It was discovered that Yelp incorrectly handled paths in ghelp URLs. A remote attacker could use this issue to trick users into opening malicious downloaded help files and exfiltrate sensitive information.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libyelp-dev", "binary_version": "3.36.2-0ubuntu1.1" }, { "binary_name": "libyelp0", "binary_version": "3.36.2-0ubuntu1.1" }, { "binary_name": "libyelp0-dbgsym", "binary_version": "3.36.2-0ubuntu1.1" }, { "binary_name": "yelp", "binary_version": "3.36.2-0ubuntu1.1" }, { "binary_name": "yelp-dbgsym", "binary_version": "3.36.2-0ubuntu1.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libyelp-dev", "binary_version": "42.1-1ubuntu0.1" }, { "binary_name": "libyelp0", "binary_version": "42.1-1ubuntu0.1" }, { "binary_name": "libyelp0-dbgsym", "binary_version": "42.1-1ubuntu0.1" }, { "binary_name": "yelp", "binary_version": "42.1-1ubuntu0.1" }, { "binary_name": "yelp-dbgsym", "binary_version": "42.1-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libyelp-dev", "binary_version": "42.2-1ubuntu0.24.04.1" }, { "binary_name": "libyelp0", "binary_version": "42.2-1ubuntu0.24.04.1" }, { "binary_name": "libyelp0-dbgsym", "binary_version": "42.2-1ubuntu0.24.04.1" }, { "binary_name": "yelp", "binary_version": "42.2-1ubuntu0.24.04.1" }, { "binary_name": "yelp-dbgsym", "binary_version": "42.2-1ubuntu0.24.04.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libyelp-dev", "binary_version": "42.2-2ubuntu0.1" }, { "binary_name": "libyelp0", "binary_version": "42.2-2ubuntu0.1" }, { "binary_name": "libyelp0-dbgsym", "binary_version": "42.2-2ubuntu0.1" }, { "binary_name": "yelp", "binary_version": "42.2-2ubuntu0.1" }, { "binary_name": "yelp-dbgsym", "binary_version": "42.2-2ubuntu0.1" } ] }