CVE-2025-6170

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-6170

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-6170.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-6170

Downstream

ALPINE-CVE-2025-6170

BELL-CVE-2025-6170

DEBIAN-CVE-2025-6170

DLA-4251-1

ECHO-ff66-d4b7-9e4f

OESA-2025-1867

OESA-2025-1868

OESA-2025-1898

OESA-2025-1899

OESA-2025-1901

OESA-2025-1986

SUSE-SU-2025:02260-1

SUSE-SU-2025:02294-1

UBUNTU-CVE-2025-6170

USN-7694-1

Related

Published

2025-06-16T16:15:20Z

Modified

2025-09-01T21:00:22Z

Severity

2.5 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

References

Affected packages