CVE-2025-55304: 
Python vulnerability analysis and mitigation

Exiv2, a C++ library and command-line utility for reading, writing, deleting, and modifying image metadata (Exif, IPTC, XMP, and ICC), was found to contain a denial-of-service vulnerability (CVE-2025-55304) in version 0.28.5. The vulnerability was discovered on August 15, 2025, and publicly disclosed on August 29, 2025. The issue affects the ICC profile parsing code in the jpegBase::readMetadata() function, which can cause the application to run for an extended period when processing crafted JPG image files (GitHub Advisory, NVD).

The vulnerability stems from a quadratic algorithm in the ICC profile parsing code where the application repeatedly reallocates and copies the entire buffer for each segment when processing ICC profiles. The issue occurs specifically in the jpegBase::readMetadata() function when handling ICC profile chunks. The vulnerability has been assigned a CVSS v4.0 base score of 1.8 (Low) with vector string CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N, and a CVSS v3.1 base score of 5.5 (Medium) with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. The vulnerability is classified as CWE-407 (Inefficient Algorithmic Complexity) (GitHub Advisory, NVD).

The vulnerability can lead to a denial-of-service condition when Exiv2 processes a specially crafted JPG image file. The inefficient algorithm causes the application to consume excessive CPU resources and run for an extended period, potentially making the system unresponsive (GitHub Advisory).

The vulnerability has been fixed in Exiv2 version 0.28.6. The fix introduces a new appendIccProfile method that efficiently handles the appending of bytes to the ICC profile without requiring repeated buffer reallocations and copies (GitHub PR).