Debian Linux Security Advisory 4105-1 - It was discovered that mpv, a media player, was vulnerable to remote code execution attacks. An attacker could craft a malicious web page that, when used as an argument in mpv, could execute arbitrary code in the host of the mpv user.
9d62b2442745a4c9c4bd227c62bd0a6d2955e0b06fe5fa74c04517dcf75ea546