Exiv2 · Exiv2 · CVE-2025-54080
**Name of the Vulnerable Software and Affected Versions**
Exiv2 versions 0.28.5 and earlier
**Description**
Exiv2 is a C++ library and command-line utility used for reading, writing, deleting, and modifying image metadata (Exif, IPTC, XMP, and ICC). An out-of-bounds read vulnerability exists when Exiv2 writes metadata to a crafted image file. This can lead to a denial of service by crashing the application if a victim is tricked into processing a malicious image. The issue is triggered specifically during metadata writing, which is a less common operation than reading metadata.
**Recommendations**
All Exiv2 versions prior to 0.28.6 are affected. Update to version 0.28.6 or later to resolve this issue.
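As an added defensive example (not part of this advisory or of the Exiv2 project's own code), the Python helper below does two things a deployer of Exiv2 would want after reading this advisory: it parses an installed Exiv2's version string and reports whether it predates the 0.28.6 fix, and it runs metadata-writing invocations in a child process with a timeout, so that an out-of-bounds read that crashes `exiv2` on a crafted image is reported to the caller instead of taking down the service that invoked it. The `exiv2 <version> ...` layout of the version output, the sample output string, and the `-M` modify invocation shown in the comment are assumptions; the fixed version 0.28.6 comes from the advisory.

```python
"""Added example, not Exiv2 project code: check an installed Exiv2 against the
CVE-2025-54080 fix level and contain crashes during metadata writes."""
from __future__ import annotations

import re
import subprocess
import sys
from typing import NamedTuple, Optional

# From the advisory: 0.28.6 and later contain the fix.
FIXED_VERSION = (0, 28, 6)


def parse_version(text: str) -> tuple:
    """Extract the first dotted version after the word 'exiv2'.

    Assumption: `exiv2 --version` output contains 'exiv2 <major>.<minor>.<patch>'.
    """
    m = re.search(r"\bexiv2\s+(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"no Exiv2 version found in: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version: tuple) -> bool:
    """True when the version predates the fix.

    Tuple comparison keeps numeric order (0.28.10 is newer than 0.28.6),
    which a plain string compare would get wrong.
    """
    return version < FIXED_VERSION


class WriteResult(NamedTuple):
    ok: bool
    reason: str
    returncode: Optional[int]


def write_metadata_isolated(argv: list, timeout: float = 10.0) -> WriteResult:
    """Run a metadata-writing command in a child process.

    Example argv (assumed exiv2 CLI syntax, not verified here):
        ["exiv2", "-M", "set Exif.Image.Artist Alice", "photo.jpg"]
    A child killed by a signal (negative return code) or a hang is turned
    into a failed result so the caller can reject the input file.
    """
    try:
        proc = subprocess.run(argv, capture_output=True, timeout=timeout)
    except FileNotFoundError:
        return WriteResult(False, f"tool not found: {argv[0]}", None)
    except subprocess.TimeoutExpired:
        return WriteResult(False, "timed out; treating input as hostile", None)
    if proc.returncode < 0:
        # Negative code on POSIX means the child died from a signal (e.g. SIGSEGV).
        return WriteResult(False, f"child killed by signal {-proc.returncode}", proc.returncode)
    if proc.returncode != 0:
        err = proc.stderr.decode(errors="replace").strip()
        return WriteResult(False, err or f"exit status {proc.returncode}", proc.returncode)
    return WriteResult(True, "ok", 0)


def simulate_crash() -> WriteResult:
    """Constructed stand-in for a crashing exiv2: a child that raises SIGSEGV on itself."""
    code = "import os, signal; os.kill(os.getpid(), signal.SIGSEGV)"
    return write_metadata_isolated([sys.executable, "-c", code])


def simulate_hang() -> WriteResult:
    """Constructed stand-in for a hung exiv2: a child that sleeps past the timeout."""
    return write_metadata_isolated([sys.executable, "-c", "import time; time.sleep(5)"], timeout=0.5)


if __name__ == "__main__":
    # Constructed sample of version output; the real layout may differ.
    sample = "exiv2 0.28.5 001b05 (64 bit build)"
    v = parse_version(sample)
    print(f"installed {'.'.join(map(str, v))}: affected={is_affected(v)}")
    print(simulate_crash())
    print(simulate_hang())
```

The crash simulation stands in for the behaviour the advisory describes (a process terminated while writing metadata to a crafted file); in production the same wrapper is used around the real `exiv2` invocation, and a negative return code or timeout is the signal to quarantine the input rather than retry it.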