Vulnerability Details CVE-2019-14442
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 7.1
References
Products affected by CVE-2019-14442
-
cpe:2.3:a:libav:libav:12.3
-
cpe:2.3:o:debian:debian_linux:8.0