Name of the Vulnerable Software and Affected Versions Exiv2 version 0.26

Description The issue allows remote attackers to cause a denial of service due to invalid memory access via a crafted file. This is related to the Exiv2::Internal::printCsLensFFFF function in canonmn int.cpp.

Recommendations For Exiv2 version 0.26, consider avoiding the use of the Exiv2::Internal::printCsLensFFFF function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.