CVE-2019-5064

Summary

An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aOpenCVOpenCV 4.1.0affected

Weaknesses

  • CWE-120: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

References