
CVE-2022-46293: Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)

CVSS Score: 7.8
Severity: HIGH
CISA KEV: NO
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2022-46293
Vendor: pip
Affected Product: openbabel
Vulnerability Type: Vulnerability
CVSS Score: 7.8 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Summary: A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors[] array when reading the "FINAL POINT" block of a crafted input file.

Details: The MOPAC output reader stored translation vectors from the FINAL POINT block into a fixed-size translationVectors[] array. A malformed block could push more vectors than the array had slots, causing a write past the end of the array. This is one of five translationVectors[] OOB writes in the TALOS 2022 batch.
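
The bounds check that this class of bug lacks, as an added illustration that is not Open Babel's code or its patch. The row layout, the "Tv" marker handling, the capacity of 3, and every name other than translationVectors are assumptions made for the example.

```cpp
#include <array>
#include <cstddef>
#include <sstream>
#include <string>

struct Vec3 { double x, y, z; };
constexpr std::size_t kMaxTranslationVectors = 3;  // assumed capacity of the fixed-size array

struct ParseResult {
    std::array<Vec3, kMaxTranslationVectors> translationVectors{};
    std::size_t count = 0;
    bool ok = true;  // false when the block is rejected as malformed
};

// Rows are "<index> <symbol> <x> <y> <z>" (constructed layout); symbol "Tv" marks a translation vector.
ParseResult parseFinalPoint(const std::string& block) {
    ParseResult r;
    std::istringstream lines(block);
    std::string line;
    while (std::getline(lines, line)) {
        std::istringstream fields(line);
        int index = 0;
        std::string symbol;
        Vec3 v{};
        if (!(fields >> index >> symbol >> v.x >> v.y >> v.z)) continue;  // not a coordinate row
        if (symbol != "Tv") continue;                                      // ordinary atom
        // The unchecked form, translationVectors[count++] = v, lets a fourth
        // "Tv" row write past the end of the array. Check the index first.
        if (r.count >= kMaxTranslationVectors) {
            r.ok = false;  // reject the block instead of truncating silently
            return r;
        }
        r.translationVectors[r.count++] = v;
    }
    return r;
}

int main() {
    // Constructed sample input: one atom row followed by four "Tv" rows.
    const std::string crafted =
        "1 C 0.0 0.0 0.0\n2 Tv 5.0 0.0 0.0\n3 Tv 0.0 5.0 0.0\n"
        "4 Tv 0.0 0.0 5.0\n5 Tv 1.0 1.0 1.0\n";
    ParseResult r = parseFinalPoint(crafted);
    return (!r.ok && r.count == 3) ? 0 : 1;
}
```

Rejecting the whole block, rather than dropping the extra rows, keeps a malformed file from being processed as if it were valid.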

Impact: Open Babel is a C++ library and CLI used to read and write chemistry file formats; it is shipped by Linux distributions and embedded in services that may parse untrusted input. Triggering this vulnerability requires the victim to open a malicious MOPAC output
