libexif is vulnerable to denial of service. Unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time and a potential application crash.
lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
access.redhat.com/errata/RHSA-2020:4040
access.redhat.com/security/updates/classification/#moderate
github.com/libexif/libexif/commit/e6a38a1a23ba94d139b1fa2cd4519fdcfe3c9bab
lists.debian.org/debian-lts-announce/2020/05/msg00025.html
security.gentoo.org/glsa/202007-05
usn.ubuntu.com/4396-1/