CVE-2019-18214

EUVD-2019-8014
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
mitreCNA
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AC:L/AV:N/A:H/C:N/I:N/PR:L/S:C/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
video_converter_projectvideo_converter
0.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/PaulLereverend/NextcloudVideo_Converter/issues/22
https://github.com/PaulLereverend/NextcloudVideo_Converter/issues/22