CVE-2022-46290
HIGH SEVERITY
CVSS Score & Metrics
Base Score
7.8 / 10
Vulnerability Description
Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. The loop that stores the coordinates does not check its index against nAtoms.
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
pip
Product
openbabel
External References
- https://github.com/openbabel/openbabel/security/advisories/GHSA-5rff-8f7c-8jmw
- https://nvd.nist.gov/vuln/detail/CVE-2022-46290
- https://github.com/openbabel/openbabel/commit/b239d06eb724bb684eea0040e9d87cf07072b081
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1665
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1665
- https://github.com/advisories/GHSA-5rff-8f7c-8jmw