Description
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
CVSS Metrics
- Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
- Attack Vector: local
- Complexity: high
- Privileges: none
- User Action: required
- Scope: unchanged
- Confidentiality: none
- Integrity: none
- Availability: low
- Weaknesses: CWE-121
Metadata
- Primary Vendor: REDHAT
- Published: 6/16/2025
- Last Modified: 11/3/2025
- Source: NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
- redhat : jboss_core_services
- redhat : openshift_container_platform
- redhat : enterprise_linux
- xmlsoft : libxml2