Exiftool Project: >> Exiftool >> 10.04 Security Vulnerabilities
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.
CVSS Score
7.8
EPSS Score
0.354
Published
2022-01-25
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Known exploited
CVSS Score
6.8
EPSS Score
0.931
Published
2021-04-23