Both VLC and Tor Browser use the mediaframeworks (gstreamer, ffmpeg) on Linux. In case of Tor Bowser the devs are working to reduce attack surface by limiting what codecs the browser accesses.
What codecs and their versions are vectors for fingerprinting individual systems although in the case of Whonix this isn’t much of a threat considering all users run the same baseline.
https://trac.torproject.org/projects/tor/ticket/13543
https://trac.torproject.org/projects/tor/ticket/22933
My question to Tor mailing list
https://lists.torproject.org/pipermail/tor-talk/2018-February/044024.html