7.7
CVE-2019-18214
- EPSS 0.39%
- Veröffentlicht 19.10.2019 14:15:10
- Zuletzt bearbeitet 21.11.2024 04:32:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Video Converter Project ≫ Video Converter Version0.1.0 SwPlatformnextcloud
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.593 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
| cve@mitre.org | 7.7 | 3.1 | 4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
CWE-772 Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.