Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

Published

2025-06-16T16:15:20.430

Last Modified

2025-08-12T13:04:06.117

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 2.5 (LOW)

Weaknesses

Type: Primary
CWE-121

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redhat	jboss_core_services	-	Yes
Application	redhat	openshift_container_platform	4.0	Yes
Operating System	redhat	enterprise_linux	6.0	Yes
Operating System	redhat	enterprise_linux	7.0	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	redhat	enterprise_linux	10.0	Yes
Application	xmlsoft	libxml2	-	Yes

References

https://access.redhat.com/security/cve/CVE-2025-6170 Third Party Advisory, Mitigation ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2372952 Issue Tracking, Third Party Advisory ([email protected])