Advisory Database
  • Advisories
  • Dependency Scanning
  1. pypi
  2. ›
  3. openbabel
  4. ›
  5. CVE-2022-46292

CVE-2022-46292: Open Babel has out-of-bounds write in MOPAC translationVectors[] (UNIT CELL TRANSLATION)

July 6, 2026

A memory-safety vulnerability in Open Babel’s MOPAC output parser allowed an out-of-bounds write into the translationVectors[] array when reading the “UNIT CELL TRANSLATION” block of a crafted input file.

References

  • github.com/advisories/GHSA-55f6-pf8r-c2f4
  • github.com/openbabel/openbabel/commit/40e852138f21d586b7ccdce6329e7b23a87168bb
  • github.com/openbabel/openbabel/security/advisories/GHSA-55f6-pf8r-c2f4
  • nvd.nist.gov/vuln/detail/CVE-2022-46292
  • talosintelligence.com/vulnerability_reports/TALOS-2022-1666
  • www.talosintelligence.com/vulnerability_reports/TALOS-2022-1666

Code Behaviors & Features

Detect and mitigate CVE-2022-46292 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →

Affected versions

All versions before 3.2.0

Fixed versions

  • 3.2.0

Solution

Upgrade to version 3.2.0 or above.

Impact 7.8 HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Learn more about CVSS

Weakness

  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-787: Out-of-bounds Write

Source file

pypi/openbabel/CVE-2022-46292.yml

Spotted a mistake? Edit the file on GitLab.

  • Site Repo
  • About GitLab
  • Terms
  • Privacy Statement
  • Contact

Page generated Tue, 07 Jul 2026 00:20:18 +0000.