CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
Source: NIST
CVE-2019-14368