It was recently discovered that the mpv player is vulnerable to an remote execution attack, as documented below:

https://github.com/mpv-player/mpv/issues/5456

https://www.suse.com/security/cve/CVE-2018-6360/

Since our desktop app uses libmpv, we immediately dispatched our security experts to investigate. We are happy to report that the conclusion is, Stremio is NOT vulnerable to this attack. Our desktop application uses a stripped-down version of libmpv, which does not include youtube-dl at all; as this is the component that contributes to the existence of this vulnerability, Stremio is 100% safe.

We have said that before, and we’ll never get tired of saying it: safe, secure and pleasant user experience is an utmost priority for us. We will never allow for our system to be compromised, and our security team will continue to work tirelessly to ensure your safety. As usual, we remain open to any security-related questions that you may have.

Categories: SecurityStremio News

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Stremio News

Important notice for macOS users

We received reports from macOS users that the latest Stremio version (v4.4.24) does not launch in certain cases. Anyone having issues should download v4.4.10 as a temporary workaround: https://dl.strem.io/mac/v4.4.10/Stremio+4.4.10.dmg

Stremio News

Stremio Tech Update #3

Hello Stremio friends! December is knocking on the door and our team will give you some presents in advance. We summarised everything that’s new and important to know for Stremio this November and there we Read more…

Stremio News

Stremio Tech Update #2

It’s time for our next Stremio tech update, i.e. a brief summary of what we’ve been doing these past couple of weeks. v4.4.18, v4.4.19 These two versions of the Stremio desktop app include a few Read more…