CVE-less vulnerabilities
Posted Jun 28, 2019 18:02 UTC (Fri) by excors (subscriber, #95769)
In reply to: CVE-less vulnerabilities by rweikusat2
Parent article: CVE-less vulnerabilities
When we know the parser has had several hundred security issues in the past (see https://www.cvedetails.com/vulnerability-list/vendor_id-1... , most of which say "...via a crafted file"), we can be pretty sure it's going to have a lot more.
> We don't know if the sandboxing software has security issues, hence, it probably doesn't.
The sandbox doesn't need to be perfect. To exploit a sandboxed parser, you need to find a bug in the parser *and* a bug in the sandbox. That's strictly harder than finding a bug in the parser, so the sandbox makes the system more secure. It's like the most obvious example of defense in depth.
