There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input.
"https://github.com/pypa/advisory-database/blob/main/vulns/exiv2/PYSEC-2017-125.yaml"