Vulnerabilities > Exiftool Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-25	CVE-2022-23935	OS Command Injection vulnerability in Exiftool Project Exiftool lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\\|$/ check, leading to command injection. local low complexity exiftool-project CWE-78	7.8
2021-04-23	CVE-2021-22204	Code Injection vulnerability in multiple products Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image local low complexity exiftool-project debian fedoraproject CWE-94	7.8
2019-01-02	CVE-2018-20211	Uncontrolled Search Path Element vulnerability in Exiftool Project Exiftool 8.32 ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. local low complexity exiftool-project CWE-427	7.8

Vulnerabilities > Exiftool Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Exiftool Project"}]}