CVE-2026-2704

Опубликовано: 19 фев. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 4.3

Описание

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The identifier of the patch is e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. It is suggested to install a patch to address this issue. The project was informed of the problem early through an issue report but has not responded yet.

Релиз	Статус	Примечание
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 6%

0.00024

Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2026-2704

CVSS3: 4.3

nvd

около 1 месяца назад

CVE-2026-2704

CVSS3: 4.3

debian

около 1 месяца назад

A security vulnerability has been detected in Open Babel up to 3.1.1. ...

GHSA-2m54-8m6g-qf93

CVSS3: 4.3

github

около 1 месяца назад

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

EPSS

Процентиль: 6%

0.00024

Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3

CVE-2026-2704

Описание

Пакет openbabel

Ссылки на источники

Связанные уязвимости