Debian Openbabel vulnerabilities

CVE-2026-3408 [MEDIUM] CVE-2026-3408: openbabel - A vulnerability was identified in Open Babel up to 3.1.1. This impacts the funct... A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e23a224b8fd9d7c2a7cde9ef

CVE-2026-2704 [MEDIUM] CVE-2026-2704: openbabel - A security vulnerability has been detected in Open Babel up to 3.1.1. The affect... A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be u

CVE-2026-2705 [MEDIUM] CVE-2026-2705: openbabel - A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is ... A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8

CVE-2025-10995 [MEDIUM] CVE-2025-10995: openbabel - A security vulnerability has been detected in Open Babel up to 3.1.1. This vulne... A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlib_stream::basic_unzip_streambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Scope: local bookw

CVE-2025-10994 [MEDIUM] CVE-2025-10994: openbabel - A weakness has been identified in Open Babel up to 3.1.1. This affects the funct... A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited. Scope: local bookworm: open bullseye: open fork

CVE-2025-10998 [MEDIUM] CVE-2025-10998: openbabel - A vulnerability has been found in Open Babel up to 3.1.1. The affected element i... A vulnerability has been found in Open Babel up to 3.1.1. The affected element is the function ChemKinFormat::ReadReactionQualifierLines of the file /src/formats/chemkinformat.cpp. The manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. Scope: loc

CVE-2025-11000 [MEDIUM] CVE-2025-11000: openbabel - A vulnerability was determined in Open Babel up to 3.1.1. This affects the funct... A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. Scope: local bookworm: open bullseye: open forky: open sid:

CVE-2025-10996 [MEDIUM] CVE-2025-10996: openbabel - A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the f... A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used. Scope: local bookworm: open bullseye: open forky: open s

CVE-2025-10997 [MEDIUM] CVE-2025-10997: openbabel - A flaw has been found in Open Babel up to 3.1.1. Impacted is the function ChemKi... A flaw has been found in Open Babel up to 3.1.1. Impacted is the function ChemKinFormat::CheckSpecies of the file /src/formats/chemkinformat.cpp. Executing manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. Scope: local bookworm: open bullseye: open forky: open sid: open t

CVE-2025-10999 [MEDIUM] CVE-2025-10999: openbabel - A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the... A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public and could be used. Scope: local bookworm: open bullseye: open forky:

CVE-2022-46290 [CRITICAL] CVE-2022-46290: openbabel - Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms fun... Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms Sc

CVE-2022-41793 [CRITICAL] CVE-2022-41793: openbabel - An out-of-bounds write vulnerability exists in the CSR format title functionalit... An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-42885 [CRITICAL] CVE-2022-42885: openbabel - A use of uninitialized pointer vulnerability exists in the GRO format res functi... A use of uninitialized pointer vulnerability exists in the GRO format res functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-46291 [CRITICAL] CVE-2022-46291: openbabel - Multiple out-of-bounds write vulnerabilities exist in the translationVectors par... Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MSI file f

CVE-2022-46295 [CRITICAL] CVE-2022-46295: openbabel - Multiple out-of-bounds write vulnerabilities exist in the translationVectors par... Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the Gaussian f

CVE-2022-44451 [CRITICAL] CVE-2022-44451: openbabel - A use of uninitialized pointer vulnerability exists in the MSI format atom funct... A use of uninitialized pointer vulnerability exists in the MSI format atom functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2022-46289 [CRITICAL] CVE-2022-46289: openbabel - Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms fun... Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms calculation wrap-around, leading to a small buffer allocation Scope: loc

CVE-2022-46293 [CRITICAL] CVE-2022-46293: openbabel - Multiple out-of-bounds write vulnerabilities exist in the translationVectors par... Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC file

CVE-2022-46292 [CRITICAL] CVE-2022-46292: openbabel - Multiple out-of-bounds write vulnerabilities exist in the translationVectors par... Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC file

CVE-2022-46294 [CRITICAL] CVE-2022-46294: openbabel - Multiple out-of-bounds write vulnerabilities exist in the translationVectors par... Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC Cart