CVE-2021-22204 - ExifTool Remote Code Execution Vulnerability
Project:Perl
Product:Exiftool
Date Added:2021-11-17Due Date:2021-12-01
Vulnerability Name
ExifTool Remote Code Execution Vulnerability
Description
Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22204
Related News Articles
How Breaches Start: Breaking Down 5 Real VulnsApril 28, 2025