Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-43467HistoryJul 21, 2023 - 9:15 p.m.
CVE-2022-43467
2023-07-2121:15:10
Debian Security Bug Tracker
security-tracker.debian.org
8
open babel
vulnerability
arbitrary code execution
malicious file
pqs format
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
30.0%
An out-of-bounds write vulnerability exists in the PQS format coord_file functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openbabel | <= 3.1.1+dfsg-9 | openbabel_3.1.1+dfsg-9_all.deb |
| Debian | 11 | all | openbabel | <= 3.1.1+dfsg-6 | openbabel_3.1.1+dfsg-6_all.deb |
| Debian | 999 | all | openbabel | <= 3.1.1+dfsg-11 | openbabel_3.1.1+dfsg-11_all.deb |
| Debian | 13 | all | openbabel | <= 3.1.1+dfsg-11 | openbabel_3.1.1+dfsg-11_all.deb |
Related
vulnrichment
vulnrichment
CVE-2022-43467
2023-07-21 20:25:39
nvd
nvd
CVE-2022-43467
2023-07-21 21:15:10
cvelist
cvelist
CVE-2022-43467
2023-07-21 20:25:39
ubuntucve
ubuntucve
CVE-2022-43467
2023-07-21 00:00:00
talos
talos
Open Babel PQS format coord_file out-of-bounds write vulnerability
2023-07-21 00:00:00
prion
prion
Cross site scripting
2023-07-21 21:15:00
cve
cve
CVE-2022-43467
2023-07-21 21:15:10
veracode
veracode
Arbitrary Code Execution
2023-07-27 13:15:33
talosblog
talosblog
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
30.0%
Related for DEBIANCVE:CVE-2022-43467