CVE-2025-6170

CVSS v3.1

2.5

Low

Vector

AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions xmllint (affected versions not specified)

Description A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

AZL-64470

AZL-64482

BDU:2025-11756

CVE-2025-6170

DLA-4251-1

ECHO-FF66-D4B7-9E4F

GHSA-353F-X4GH-CQQ8

MGASA-2025-0269

OESA-2025-1867

OESA-2025-1868

OESA-2025-1898

OESA-2025-1899

OESA-2025-1901

OESA-2025-1986

OPENSUSE-SU-2025:15321-1

RHSA-2026:7519

SUSE-SU-2025:02260-1

SUSE-SU-2025:02275-1

SUSE-SU-2025:02294-1

SUSE-SU-2025:02314-1

SUSE-SU-2025:02355-1

SUSE-SU-2025:20564-1

SUSE-SU-2025:20607-1

SUSE-SU-2025_02260-1

SUSE-SU-2025_02275-1

SUSE-SU-2025_02294-1

SUSE-SU-2025_02314-1

SUSE-SU-2025_02355-1

USN-7694-1

Affected Products

Debian

Linuxmint

Red Os

Suse

Ubuntu

Xmllint

CVE-2025-6170

Weakness Enumeration

Related Identifiers

Affected Products

References · 93