Lucene search

[email protected]NVD:CVE-2019-18214

HistoryOct 19, 2019 - 2:15 p.m.

CVE-2019-18214

2019-10-1914:15:10

CWE-772

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

28.7%

JSON

The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)

Affected configurations

Nvd

Node

video_converter_projectvideo_converterMatch0.1.0nextcloud

VendorProductVersionCPE
video_converter_projectvideo_converter0.1.0cpe:2.3:a:video_converter_project:video_converter:0.1.0:*:*:*:*:nextcloud:*:*

Vendor	Product	Version	CPE
video_converter_project	video_converter	0.1.0	cpe:2.3:a:video_converter_project:video_converter:0.1.0:::::nextcloud::

References

github.com/PaulLereverend/NextcloudVideo_Converter/issues/22

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

28.7%

JSON

Related for NVD:CVE-2019-18214

osv1 cve1 prion1 cvelist1