allanlw / svg-cheatsheet

A cheatsheet for exploiting server-side SVG processors.

How much of this applies to SVG sandboxed by the img tag?

kevinmarks opened this issue

If SVG is inlined it does have the ability to do many of these things; if it is in an img tag (or equivalent), then script and external resource loading is disabled. How many of these threats still apply?

AFAIK, the client-side attacks will be very limited with img src sandboxing. XSS will definitely not be possible.