CVE-2025-6170 Information
Jun 17, 2025
cve
Description
A flaw was found in the interactive shell of the xmllint command-line tool used for parsing XML files. When a user inputs an overly long command the program does not check the input size properly which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Reference
https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
LOW
Base Severity
2.5
Related CNNVD
CNNVD-202506-1847 (Published: 2025-06-16)
Share on: