Filtered by vendor Materialsvirtuallab
Subscriptions
Filtered by product Pymatgen
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23346 | 1 Materialsvirtuallab | 1 Pymatgen | 2025-02-05 | 9.4 Critical |
| Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. A critical security vulnerability exists in the `JonesFaithfulTransformation.from_transformation_str()` method within the `pymatgen` library prior to version 2024.2.20. This method insecurely utilizes `eval()` for processing input, enabling execution of arbitrary code when parsing untrusted input. Version 2024.2.20 fixes this issue. | ||||
| CVE-2022-42964 | 1 Materialsvirtuallab | 1 Pymatgen | 2025-02-04 | 5.9 Medium |
| An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method | ||||
Page 1 of 1.