Exiv2 is a cross-platform C library and command-line utility for managing image metadata. exiv2 0.27.4 and earlier versions are vulnerable to an infinite loop. An attacker could exploit this vulnerability to cause a denial of service via specially crafted image files.