CVE-2021-22204β€”ExifTool Remote Code Execution Vulnerability

PUBLISHEDvulnerability record
2021-11-17 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2021-22204
Project:
Perl
Product:
Exiftool
Date Added:
2021-11-17
Due Date:
2021-12-01
Last Updated:
June 21, 2025

Vulnerability Name

ExifTool Remote Code Execution Vulnerability

Description

Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses