Closed
Description
Describe the bug
An input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
To Reproduce
Steps to reproduce the behaviour:
excute 'build/bin/exiv2 Jp2Image_readMetadata_loop.poc'
Expected behavior
An infinite loop and hang, with high CPU consumption

Additional context
The poc is here
Jp2Image_readMetadata_loop.poc.zip
The code:
io_->seek(restore,BasicIo::beg);
io_->seek(subBox.length, Exiv2::BasicIo::cur);
leads to an infinite loop.