2 matches found
CVE-2022-23935
ExiphTool (lib/Image/ExifTool.pm) is affected in ExifTool before 12.38 due to a faulty $file =~ /|$/ check, enabling command injection. Affected component: ExifTool Perl library; vulnerability identified as CVE-2022-23935. Public advisories from Astra Linux and Alpine Linux/Fedora-based records c...
CVE-2026-3102
CVE-2026-3102 affects exiftool up to 13.49 on macOS, specifically the SetMacOSTags function in lib/Image/ExifTool/MacOS.pm within the PNG File Parser. The vulnerability arises from manipulating the DateTimeOriginal argument, enabling an OS command injection . The issue is described as exploitable...