FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

py-pymatgen -- regular expression denial of service

Affected packages
py310-pymatgen <= 2022.9.21
py311-pymatgen <= 2022.9.21
py37-pymatgen <= 2022.9.21
py38-pymatgen <= 2022.9.21
py39-pymatgen <= 2022.9.21


VuXML ID: 951b513a-9f42-436d-888d-2162615d0fe4
Discovery: 2022-11-10
Entry: 2023-04-09

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package when an attacker is able to supply arbitrary input to the GaussianInput.from_string method.


CVE Name: CVE-2022-42964