CVE-2019-5065

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-5065

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5065.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-5065

Published

2019-09-05T17:15:12.467Z

Modified

2025-11-20T11:02:51.716750Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0854

Affected packages

Git / github.com/blynkkk/blynk-library

Affected ranges

Type: GIT
Repo: https://github.com/blynkkk/blynk-library
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e93fea6a8267a3632cf920285cd7d8492bc2ad75

Affected versions

v0.*

v0.2.0

v0.2.1

v0.2.2

v0.2.2-beta

v0.2.3

v0.2.4

v0.3.0

v0.3.1

v0.3.10

v0.3.3

v0.3.4

v0.3.6

v0.3.7

v0.3.8

v0.3.9

v0.4.0

v0.4.1

v0.4.10

v0.4.2

v0.4.3

v0.4.4

v0.4.6

v0.4.7

v0.4.8

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.5.4

v0.6.0

v0.6.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5065.json"