{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/open-babel-vulnerable--3.2.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":9.8,"id":"CVE-2022-43467"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Open Babel (vulnerable: \u003c 3.2.0)","pip/openbabel (vulnerable: \u003c 3.2.0)"],"_cs_severities":["high"],"_cs_tags":["open-babel","vulnerability","memory-corruption","cve","library"],"_cs_type":"advisory","_cs_vendors":["Open Babel"],"content_html":"\u003cp\u003eA high-severity memory-safety vulnerability, identified as CVE-2022-43467, has been discovered in Open Babel's PQS \u003ccode\u003ecoord_file\u003c/code\u003e parser. This flaw affects all versions up to and including 3.1.1 of the Open Babel library and CLI tool, which is critical for processing various chemistry file formats. Exploitation occurs when a victim processes a specially crafted PQS file, leading to an out-of-bounds write within the \u003ccode\u003ecoord_file\u003c/code\u003e parsing path. This vulnerability was reported by Cisco TALOS and subsequently patched in version 3.2.0, released on 2026-05-26. Given Open Babel's widespread use across Linux distributions and in services that handle untrusted input, this flaw poses a significant risk of arbitrary code execution or denial of service.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a specially designed PQS file containing a malformed \u003ccode\u003ecoord_file\u003c/code\u003e specifier that targets the vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers this malicious PQS file to a target system or user, often via email, download, or integration into a workflow.\u003c/li\u003e\n\u003cli\u003eA user or automated service on the victim system opens and processes the malicious PQS file using an affected Open Babel component (e.g., \u003ccode\u003eobabel\u003c/code\u003e CLI tool, \u003ccode\u003eOBConversion\u003c/code\u003e API, or language bindings).\u003c/li\u003e\n\u003cli\u003eDuring the parsing process of the PQS \u003ccode\u003ecoord_file\u003c/code\u003e path, the malformed specifier triggers an out-of-bounds write operation.\u003c/li\u003e\n\u003cli\u003eThis memory corruption overwrites adjacent memory regions, leading to unpredictable program behavior, including crashes.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation can result in application crashes (Denial of Service) or, with further exploitation, arbitrary code execution on the compromised system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe vulnerability affects any system or service utilizing Open Babel versions up to 3.1.1 to process PQS files, particularly those that handle untrusted or external input. Open Babel is widely deployed as a C++ library and command-line interface, integrated into Linux distributions and various scientific applications. Successful exploitation of CVE-2022-43467 can lead to service disruption through denial of service (application crashes) or, more severely, arbitrary code execution, allowing attackers to gain control over affected systems. The full scope of potential victims is broad due to the library's foundational role in chemistry informatics.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update all Open Babel installations to version 3.2.0 or later to patch CVE-2022-43467.\u003c/li\u003e\n\u003cli\u003eFor Python environments, ensure \u003ccode\u003epip/openbabel\u003c/code\u003e is updated to a version greater than or equal to 3.2.0.\u003c/li\u003e\n\u003cli\u003eImplement strict input validation for all PQS files processed by Open Babel components, especially those originating from untrusted sources, to mitigate the risk of malformed file attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T12:53:09Z","date_published":"2026-07-03T12:53:09Z","id":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/","summary":"A high-severity memory-safety vulnerability (CVE-2022-43467) in Open Babel's PQS `coord_file` parser allows an attacker to achieve an out-of-bounds write by tricking a victim into opening a specially crafted PQS file, potentially leading to arbitrary code execution or denial of service in systems processing untrusted chemistry file formats.","title":"Open Babel PQS coord_file parser suffers from out-of-bounds write vulnerability (CVE-2022-43467)","url":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/"}],"language":"en","title":"CraftedSignal Threat Feed - Open Babel (Vulnerable: \u003c 3.2.0)","version":"https://jsonfeed.org/version/1.1"}