CVE-2019-18214

HIGH

Video_Converter 0.1.0 - Denial of Service via Concurrent FFmpeg Process Overload

Title source: llm
STIX 2.1

Description

The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)

References (1)

Core 1
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/PaulLereverend/NextcloudVideo_Converter/issues/22

Scores

CVSS v3 7.7
EPSS 0.0139
EPSS Percentile 68.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE
CWE-772
Status published
Products (1)
video_converter_project/video_converter 0.1.0
Published Oct 19, 2019
Tracked Since Feb 18, 2026