CVE-2022-46293
HIGH SEVERITY
CVSS Score & Metrics
Base Score
7.8 / 10
Vulnerability Description
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability affects the MOPAC file format, inside the Final Point and Derivatives section.
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
pip
Product
openbabel
External References
- https://github.com/openbabel/openbabel/security/advisories/GHSA-7h6r-6p76-68c9
- https://nvd.nist.gov/vuln/detail/CVE-2022-46293
- https://github.com/openbabel/openbabel/commit/40e852138f21d586b7ccdce6329e7b23a87168bb
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1666
- https://github.com/advisories/GHSA-7h6r-6p76-68c9