- Description: A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
- Source: secalert@redhat.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Primary
- Base score: 2.5
- Impact score: 1.4
- Exploitability score: 1
- Vector string: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
- Severity: LOW
- secalert@redhat.com: CWE-121
5 CVEs in libxml2 https://t.co/nHoIvYT13R
- CVE-2025-49794: Heap UAF DoS
- CVE-2025-49795: Null pointer dereference DoS
- CVE-2025-49796: Type confusion DoS
- CVE-2025-6021: Integer and Buffer Overflow in xmlBuildQName()
- CVE-2025-6170: Stack-based Buffer Overflow in xmllint Shell
@oss_security
17 Jun 2025
CVE-2025-6170 XMLlint Command-Line Tool Memory Corruption Vulnerability via Oversized Input https://t.co/4IT11IjoqM
@VulmonFeeds
16 Jun 2025
CVE-2025-6170 A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not … https://t.co/42XTf0CRMk
@CVEnew
16 Jun 2025