CVE-2022-28652 | Canonical Apport up to 2.20.x settings Billion Laughs xml entity expansion (USN-5427-1)

Posted by Angelo Barbosa | Jun 5, 2024 | CVE

A vulnerability was found in Canonical Apport up to 2.20.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file ~/.config/apport/settings. The manipulation leads to xml entity expansion.

This vulnerability is known as CVE-2022-28652. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2022-28652 | Canonical Apport up to 2.20.x settings Billion Laughs xml entity expansion (USN-5427-1)

Related Posts

CVE-2024-8600 | Autodesk AutoCAD 2025.1 SLDPRT File odxsw_dll.dll memory corruption

CVE-2023-26009 | Favethemes Houzez Login Register Plugin up to 2.6.3 on WordPress privileges management

CVE-2023-7165 | JetBackup Plugin up to 2.0.9.8 on WordPress file access

CVE-2022-48758 | Linux Kernel up to 5.16.4 fs/sysfs/group.c bnx2fc_interface_put Privilege Escalation