CVE-2022-42964

Inefficient Regular Expression Complexity in pypi/pymatgen

Identifiers

CVE-2022-42964

Package Slug

pypi/pymatgen

Vulnerability

Inefficient Regular Expression Complexity

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-11-13

source