{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T02:21:28.827","vulnerabilities":[{"cve":{"id":"CVE-2019-5064","sourceIdentifier":"talos-cna@cisco.com","published":"2020-01-03T17:15:12.257","lastModified":"2024-11-21T04:44:16.757","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de desbordamiento del búfer de almacenamiento dinámico explotable en la funcionalidad de persistencia de la estructura de datos de OpenCV, anterior a la versión  4.2.0. Un archivo JSON especialmente diseñado puede causar un desbordamiento del búfer, lo que da como resultado múltiples corrupciones en el montón y, potencialmente, la ejecución del código. Un atacante puede proporcionar un archivo especialmente diseñado para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opencv:opencv:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.2.0","matchCriteriaId":"BE654103-94F6-44DF-A86F-47DED6FB9117"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"A125E817-F974-4509-872C-B71933F42AD1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0","matchCriteriaId":"65BF66DA-D1EF-4BF3-81F5-C36C29C63710"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783"}]}]}],"references":[{"url":"https://github.com/opencv/opencv/issues/15857","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"talos-cna@cisco.com","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","source":"talos-cna@cisco.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/opencv/opencv/issues/15857","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}