14 points
*
FWIW common libraries like ffmpeg and what not can contain bugs which video files could potentially abuse and exploit.
Is that a common risk? Probably not. But image libraries have been known to have such exploits.
The fun thing is that it’s basically unquantifiable how large the risk is. We only know about vulnerabilities after we find them!
1 point
1 point