web/security: add CVE-2018-10001 entry to FFmpeg 4.0