Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

The vulnerability of the library for processing metadata in multimedia Exif files, related to incorrect elimination of special elements in the output data, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

🗓️ 20 Jan 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec🔗 bdu.fstec.ru👁 1 Views

ExifTool metadata flaw enables data leakage, integrity loss, and service failures via DjVu files.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
3 May 202216:36
githubexploit
GithubExploit		Exploit for Code Injection in Gitlab
5 Jun 202115:42
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
2 Aug 202109:11
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
27 Oct 202515:59
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
29 Dec 202113:41
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
14 May 202303:43
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
4 Nov 202114:31
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
21 Feb 202211:07
githubexploit
GithubExploit		Exploit for Code Injection in Gitlab
4 Nov 202109:01
githubexploit
GithubExploit		Exploit for Code Injection in Exiftool_Project Exiftool
14 May 202611:44
githubexploit
Rows per page
Vulners
Node
phil_harveyexiftoolRange7.4412.24
SourceLink
bugswww.bugs.launchpad.net/ubuntu/+source/libimage-exiftool-perl/+bug/1925985
devcraftwww.devcraft.io/2021/05/04/exiftool-arbitrary-code-execution-cve-2021-22204.html
githubwww.github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031
nvdwww.nvd.nist.gov/vuln/detail/CVE-2021-22204
security-trackerwww.security-tracker.debian.org/tracker/CVE-2021-22204
wikiwww.wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
wikiwww.wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47
wikiwww.wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
xn--80ahaefyxhnwww.xn--80ahaefyxhn.xn--j1afgaq.xn--p1ai/bin/view/%D0%9E%D0%A1%D0%BD%D0%BE%D0%B2%D0%B0/%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F/2.1/
streletswww.strelets.net/patchi-i-obnovleniya-bezopasnosti
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
25 May 2026 00:00Current
7.3High risk
Vulners AI Score7.3
CVSS 26.8
CVSS 37.8
EPSS0.99981
ExifTool vulnerabilitymetadata processingdata leakageintegrity lossservice failurescrafted DjVu files
1