<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Pip/Openbabel (Vulnerable: &lt; 3.2.0) - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/pip/openbabel-vulnerable--3.2.0/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 03 Jul 2026 12:53:09 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/pip/openbabel-vulnerable--3.2.0/feed.xml" rel="self" type="application/rss+xml"/><item><title>Open Babel PQS coord_file parser suffers from out-of-bounds write vulnerability (CVE-2022-43467)</title><link>https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/</link><pubDate>Fri, 03 Jul 2026 12:53:09 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/</guid><description>A high-severity memory-safety vulnerability (CVE-2022-43467) in Open Babel's PQS `coord_file` parser allows an attacker to achieve an out-of-bounds write by tricking a victim into opening a specially crafted PQS file, potentially leading to arbitrary code execution or denial of service in systems processing untrusted chemistry file formats.</description><content:encoded><![CDATA[<p>A high-severity memory-safety vulnerability, identified as CVE-2022-43467, has been discovered in Open Babel's PQS <code>coord_file</code> parser. This flaw affects all versions up to and including 3.1.1 of the Open Babel library and CLI tool, which is critical for processing various chemistry file formats. Exploitation occurs when a victim processes a specially crafted PQS file, leading to an out-of-bounds write within the <code>coord_file</code> parsing path. This vulnerability was reported by Cisco TALOS and subsequently patched in version 3.2.0, released on 2026-05-26. Given Open Babel's widespread use across Linux distributions and in services that handle untrusted input, this flaw poses a significant risk of arbitrary code execution or denial of service.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker crafts a specially designed PQS file containing a malformed <code>coord_file</code> specifier that targets the vulnerability.</li>
<li>The attacker delivers this malicious PQS file to a target system or user, often via email, download, or integration into a workflow.</li>
<li>A user or automated service on the victim system opens and processes the malicious PQS file using an affected Open Babel component (e.g., <code>obabel</code> CLI tool, <code>OBConversion</code> API, or language bindings).</li>
<li>During the parsing process of the PQS <code>coord_file</code> path, the malformed specifier triggers an out-of-bounds write operation.</li>
<li>This memory corruption overwrites adjacent memory regions, leading to unpredictable program behavior, including crashes.</li>
<li>Successful exploitation can result in application crashes (Denial of Service) or, with further exploitation, arbitrary code execution on the compromised system.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The vulnerability affects any system or service utilizing Open Babel versions up to 3.1.1 to process PQS files, particularly those that handle untrusted or external input. Open Babel is widely deployed as a C++ library and command-line interface, integrated into Linux distributions and various scientific applications. Successful exploitation of CVE-2022-43467 can lead to service disruption through denial of service (application crashes) or, more severely, arbitrary code execution, allowing attackers to gain control over affected systems. The full scope of potential victims is broad due to the library's foundational role in chemistry informatics.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately update all Open Babel installations to version 3.2.0 or later to patch CVE-2022-43467.</li>
<li>For Python environments, ensure <code>pip/openbabel</code> is updated to a version greater than or equal to 3.2.0.</li>
<li>Implement strict input validation for all PQS files processed by Open Babel components, especially those originating from untrusted sources, to mitigate the risk of malformed file attacks.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>open-babel</category><category>vulnerability</category><category>memory-corruption</category><category>cve</category><category>library</category></item></channel></rss>