Kamadak

Name of the Vulnerable Software and Affected Versions: kamadak-exif version 0.5.2 Description: The issue is related to an infinite loop in parsing crafted PNG files, specifically in the `reader::read from container` function. This can lead to a denial-of-service (DoS) condition when used with untrusted data. Applications that do not pass files with the PNG signature to `Reader::read from container` are not affected. Recommendations: For kamadak-exif version 0.5.2, update to version 0.5.3 to resolve the issue. As a temporary workaround, consider avoiding the use of `reader::read from container` with crafted PNG files until a patch is available. Restrict access to `Reader::read from container` to minimize the risk of exploitation.