CVE-2022-46300

Name of the Vulnerable Software and Affected Versions VISAM VBASE Automation Base versions prior to 11.7.5

Description The issue may disclose information if a valid user opens a specially crafted file. This is related to XML External Entity Processing in the context of file parsing, specifically within GestureConfigurations files in the VBASE-Editor.

Recommendations For versions prior to 11.7.5, update to version 11.7.5 or later to resolve the issue. As a temporary workaround, consider restricting the opening of specially crafted files until the update is applied. Avoid using the VBASE-Editor to parse potentially malicious files until the issue is resolved.