6 matches found
Exploit for Command Injection in Materialsvirtuallab Pymatgen
CVE-2024-23346-exploit This is an exploit for the known Remote...
abics (=2.1.0), abinitostudio (>=1.0.1 <=1.0.8) +93 more potentially affected by CVE-2024-23346 via pymatgen (>=2017.7.4 <=2024.11.13)
pymatgen PYPI version =2017.7.4, =1.0.1, =0.3.0, =0.2.0, =0.3.0, =2.0.0, =0.1.0, =1.1.4, =1.5.0, =1.1.2, =0.5.0, =0.3.0, =1.0.0a1, =3.0.0, =3.5.2 and more Source cves: CVE-2024-23346 Source advisory: OSV:GHSA-VGV8-5CPJ-QJ2F...
abics (=2.1.0), abinitostudio (>=1.0.1 <=1.0.8) +93 more potentially affected by CVE-2024-23346 via pymatgen (>=2017.7.4 <=2024.11.13)
pymatgen PYPI version =2017.7.4, =1.0.1, =0.3.0, =0.2.0, =0.3.0, =2.0.0, =0.1.0, =1.1.4, =1.5.0, =1.1.2, =0.5.0, =0.3.0, =1.0.0a1, =3.0.0, =3.5.2 and more Source cves: CVE-2024-23346 Source advisory: OSV:PYSEC-2024-226...
UBUNTU-CVE-2024-23346
Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. A critical security vulnerability exists in the JonesFaithfulTransformation.from_transformation_str() method within the pymatgen library prior to version 2024.2.20. This method insecurely utilizes eval for...
CVE-2022-42964 Exponential ReDoS in pymatgen leads to denial of service
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method...
pymatgen security vulnerability
pymatgen is an open source Python library for material analysis. A security vulnerability exists in pymatgen that can be exploited to trigger an exponential ReDoS when an attacker provides arbitrary input to the GaussianInput.from_string method...