FFmpeg, the FFmpeg team’s complete solution for recording, converting, and streaming audio and video, suffers from a security vulnerability stemming from an unknown function in the file ibavcodec/rpzaenc.c of the QuickTime RPZA Video Encoder component, which could be exploited by an attacker to cause an out-of-bounds read by manipulating the parameter y_ size to cause out-of-bounds reads.