vulnerability
Ubuntu: USN-7694-1 (CVE-2025-6170): libxml2 vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:H/Au:N/C:N/I:N/A:P) | Jun 16, 2025 | Aug 21, 2025 | Aug 22, 2025 |
Severity
1
CVSS
(AV:L/AC:H/Au:N/C:N/I:N/A:P)
Published
Jun 16, 2025
Added
Aug 21, 2025
Modified
Aug 22, 2025
Description
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
Solutions
ubuntu-pro-upgrade-libxml2ubuntu-pro-upgrade-python-libxml2ubuntu-pro-upgrade-python3-libxml2
References
- CVE-2025-6170
- https://attackerkb.com/topics/CVE-2025-6170
- CWE-121
- UBUNTU-USN-7694-1
- URL-https://access.redhat.com/security/cve/CVE-2025-6170
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=2372952
- URL-https://gitlab.gnome.org/GNOME/libxml2/-/issues/941
- URL-https://ubuntu.com/security/notices/USN-7694-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-6170
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.