There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a denial of service attack via crafted input.
Created exiv2 tracking bugs for this issue:
Affects: fedora-all [bug 1475370]
Created attachment 1305393 [details]
Triggered by "./exiv2 $POC"