| Title | Open Babel 3.1.1 / master commit 889c350 Heap-based Buffer Overflow |
|---|
| Description | Open Babel 3.1.1 (master commit 889c350) is vulnerable to a heap-buffer-overflow in the OBSmilesParser::ParseSmiles function. When parsing certain malformed SMILES strings, the parser performs an out-of-bounds read on a dynamically allocated vector of integers, resulting in undefined behavior and potential denial of service (DoS). An attacker can exploit this vulnerability by supplying crafted input to applications or tools that rely on Open Babel for SMILES parsing. |
|---|
| Source | ⚠️ https://github.com/openbabel/openbabel/issues/2831 |
|---|
| User | ahuo (UID 90189) |
|---|
| Submission | 09/14/2025 10:03 (7 months ago) |
|---|
| Moderation | 09/25/2025 20:05 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 325924 [Open Babel up to 3.1.1 smilesformat.cpp ParseSmiles heap-based overflow] |
|---|
| Points | 20 |
|---|