EPSS Percentile: 62.1%
ffmpeg is vulnerable to arbitrary code execution. A heap-based buffer overflow in ff_fill_rectangle in libavfilter/drawutils.c allows an attacker to execute arbitrary code on the host OS.
cwe.mitre.org/data/definitions/122.html
security-tracker.debian.org/tracker/CVE-2020-22017
trac.ffmpeg.org/ticket/8309
www.debian.org/security/2021/dsa-4990