6.8
CVSSv2

CVE-2021-22204

Published: 23/04/2021 Updated: 05/05/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A vulnerability exists in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed. For the stable distribution (buster), this problem has been fixed in version 11.16-1+deb10u1. We recommend that you upgrade your libimage-exiftool-perl packages. For the detailed security status of libimage-exiftool-perl please refer to its security tracker page at: security-tracker.debian.org/tracker/libimage-exiftool-perl

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

Vendor Advisories

Debian Bug report logs - #987505 CVE-2021-22204: Improper neutralization of directives in dynamically evaluated code ('eval injection') Package: libimage-exiftool-perl; Maintainer for libimage-exiftool-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libimage-exiftool-perl is src:libimage-exiftool ...
A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed For the stable distribution (buster), this problem has been fixed in version 1116-1+deb10u1 We recommend that you upgrade you ...
Improper neutralization of user data in the DjVu file format in ExifTool versions 744 up to 1223 allows arbitrary code execution when parsing the malicious image ...

Github Repositories

ExifCleaner Desktop app to clean metadata from images, videos, PDFs, and other files Benefits Fast Drag & Drop Free and open source (MIT) Windows, Mac, and Linux Supports popular image formats such as PNG, JPG, GIF, and TIFF Supports popular video formats such as M4A, MOV, and MP4 Supports PDF documents* (partial, see discussion) Batch-processing Multi-core suppo