Name of the Vulnerable Software and Affected Versions Exiv2 version 0.26

Description The issue allows remote attackers to cause a denial of service due to excessive memory allocation via a crafted file. This is related to the Exiv2::Jp2Image::readMetadata function in jp2image.cpp.

Recommendations For Exiv2 version 0.26, consider restricting the use of the Exiv2::Jp2Image::readMetadata function until a patch is available to prevent excessive memory allocation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.