CVE-2019-13114 (exiv2)

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
Source: NIST
CVE-2019-13114 (exiv2)