CVE-2022-46293: 
Linux Debian vulnerability analysis and mitigation

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in Open Babel 3.1.1 and master commit 530dbfa3. The vulnerability (CVE-2022-46293) specifically affects the MOPAC file format, inside the Final Point and Derivatives section. A specially-crafted malformed file can lead to arbitrary code execution when processed by the affected software (Talos Advisory).

The vulnerability is classified as an out-of-bounds write issue (CWE-787) with a CVSS 3.1 Base Score of 7.8 (HIGH) according to NVD's assessment (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), while Talos rates it at 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The vulnerability occurs in the MOPAC file format parsing when processing the Final Point and Derivatives section, where the translationVectors array index can be manipulated to cause an out-of-bounds write condition (NVD, Talos Advisory).

The vulnerability can lead to arbitrary code execution on the affected system. Given that Open Babel is used in various chemistry and research settings, including online chemical format converters and molecule viewers, the impact could be significant for organizations using this software (Talos Blog).

As of the disclosure date, no official fix has been released by the vendor. The vulnerability was disclosed after the 90-day period specified in Cisco's vulnerability disclosure policy had elapsed without a patch being released (Talos Blog).