An out-of-bounds read could happen when exiv2, or an application linked against the exiv2 library, is used to parse untrusted images in the WebP format. This flaw is caused by an integer wraparound in function WebPImage::getHeaderOffset, which could allow an attacker to crash the application.