Duplicate Advisory: Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant)
Critical severity
GitHub Reviewed
Published
Jul 21, 2023
to the GitHub Advisory Database
•
Updated Jul 1, 2026
Withdrawn
This advisory was withdrawn on Jul 1, 2026
Description
Published by the National Vulnerability Database
Jul 21, 2023
Published to the GitHub Advisory Database
Jul 21, 2023
Reviewed
Jul 1, 2026
Withdrawn
Jul 1, 2026
Last updated
Jul 1, 2026
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-5rff-8f7c-8jmw. This link is maintained to preserve external references.
Original Description
Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms
References