Vulnerability Details CVE-2022-46289
Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms calculation wrap-around, leading to a small buffer allocation
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-46289
-
cpe:2.3:a:openbabel:open_babel:3.1.1