Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-6170

Опубликовано: 16 июн. 2025
Источник: nvd
CVSS3: 2.5
EPSS Низкий

Описание

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:xmlsoft:libxml2:-:*:*:*:*:*:*:*

EPSS

Процентиль: 10%
0.00034
Низкий

2.5 Low

CVSS3

Дефекты

CWE-121

Связанные уязвимости

ubuntu логотип

CVE-2025-6170

CVSS3: 2.5
ubuntu
10 месяцев назад

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

redhat логотип

CVE-2025-6170

CVSS3: 2.5
redhat
10 месяцев назад

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

msrc логотип

CVE-2025-6170

CVSS3: 2.5
msrc
8 месяцев назад

Libxml2: stack buffer overflow in xmllint interactive shell command handling

debian логотип

CVE-2025-6170

CVSS3: 2.5
debian
10 месяцев назад

A flaw was found in the interactive shell of the xmllint command-line ...

github логотип

GHSA-6qrf-r65h-2r77

CVSS3: 2.5
github
10 месяцев назад

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

EPSS

Процентиль: 10%
0.00034
Низкий

2.5 Low

CVSS3

Дефекты

CWE-121