Exiv2 is a cross-platform C library and command-line utility for managing image metadata. exiv2 0.27.4 and earlier versions are vulnerable to an infinite loop. An attacker could exploit the vulnerability via specially crafted image files to cause a denial of service.