CVE-2022-46291

Name of the Vulnerable Software and Affected Versions Open Babel versions 3.1.1 and earlier

Description The issue is related to out-of-bounds write vulnerabilities in the translationVectors parsing functionality of Open Babel, which can be triggered by a specially-crafted malformed file, potentially leading to arbitrary code execution. This vulnerability affects the MSI file format.

Recommendations For Open Babel version 3.1.1, consider disabling the translationVectors parsing functionality until a patch is available. Restrict access to the MSI file format to minimize the risk of exploitation. Avoid using malicious or untrusted files with Open Babel until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.