CVE-2022-41696

Name of the Vulnerable Software and Affected Versions VISAM VBASE Automation Base versions prior to 11.7.5

Description The issue may disclose information if a valid user opens a specially crafted file. This is related to XML External Entity Processing in the FB.XML file parsing.

Recommendations For versions prior to 11.7.5, update to version 11.7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to specially crafted files until the update is applied. Avoid using the FB.XML file parsing feature with untrusted files until the issue is resolved.