Vulnerabilities > Exiftool Project > Exiftool > 12.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2022-23935 | OS Command Injection vulnerability in Exiftool Project Exiftool lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. | 7.8 |
| 2021-04-23 | CVE-2021-22204 | Code Injection vulnerability in multiple products Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image | 7.8 |