vulnerability

FreeBSD: VID-951b513a-9f42-436d-888d-2162615d0fe4 (CVE-2022-42964): py-pymatgen -- regular expression denial of service

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

Apr 9, 2023

Added

Apr 14, 2023

Modified

Jun 15, 2026

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method

Solutions

freebsd-upgrade-package-py37-pymatgenfreebsd-upgrade-package-py38-pymatgenfreebsd-upgrade-package-py39-pymatgenfreebsd-upgrade-package-py310-pymatgenfreebsd-upgrade-package-py311-pymatgen

References

CVE-2022-42964
https://attackerkb.com/topics/CVE-2022-42964
CWE-1333
EUVD-EUVD-2022-7243
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-7243

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report