FFmpeg is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a malicious WebM file to create race conditions in the system that can lead to the system crashing.
git.videolan.org/?p=ffmpeg.git;a=commit;h=dabea74d0e82ea80cd344f630497cafcb3ef872c
googlechromereleases.blogspot.com/2015/10/stable-channel-update.html
rhn.redhat.com/errata/RHSA-2015-1912.html
www.debian.org/security/2015/dsa-3376
www.securityfocus.com/bid/77073
www.securitytracker.com/id/1033816
www.ubuntu.com/usn/USN-2770-1
www.ubuntu.com/usn/USN-2770-2
code.google.com/p/chromium/issues/detail?id=447860
code.google.com/p/chromium/issues/detail?id=532967
codereview.chromium.org/1376913003
lists.debian.org/debian-lts-announce/2018/12/msg00009.html
security.gentoo.org/glsa/201603-09