CVE-2022-46292: Open Babel has out-of-bounds write in MOPAC translationVectors[] (UNIT CELL TRANSLATION)
A memory-safety vulnerability in Open Babel’s MOPAC output parser
allowed an out-of-bounds write into the translationVectors[] array
when reading the “UNIT CELL TRANSLATION” block of a crafted input
file.
References
- github.com/advisories/GHSA-55f6-pf8r-c2f4
- github.com/openbabel/openbabel/commit/40e852138f21d586b7ccdce6329e7b23a87168bb
- github.com/openbabel/openbabel/security/advisories/GHSA-55f6-pf8r-c2f4
- nvd.nist.gov/vuln/detail/CVE-2022-46292
- talosintelligence.com/vulnerability_reports/TALOS-2022-1666
- www.talosintelligence.com/vulnerability_reports/TALOS-2022-1666
Code Behaviors & Features
Detect and mitigate CVE-2022-46292 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →