Whitepaper that discusses improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up that allows for arbitrary code execution when parsing a malicious image.
You can download it from the following link: https://packetstormsecurity.com/files/download/162686/exiftool.pdf
Source: https://packetstormsecurity.com/files/162686/ExifTool-Djvu-Code-Execution.html