This is such a great music service but I’m wondering who is behind it and why they provide it? It must be costing them something to host the site. Interesting that Cloudflare stats show its biggest user base is India.

  • chirpingEnglish
    1·
    3 months ago

    Well it’s both possible, and has been done. both with mp3s and FLAC, not too long ago. It’s not the format itself, but rather the applications parsing the files that are the target.

    CVE-2023-37327: A remote code execution vulnerability in GStreamer’s FLAC file parser caused by an integer overflow. Carefully crafted FLAC files could exploit this flaw to run arbitrary code on the target system

    https://nvd.nist.gov/vuln/detail/CVE-2023-37327#%3A~%3Atext=GStreamer+FLAC%2Ccode+on