← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-22204 — Actively Exploited: Exiftool (Perl)

Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

CVE IDCVE-2021-22204
VendorPerl
ProductExiftool
Vulnerability nameExifTool Remote Code Execution Vulnerability
Date added2021-11-17
Remediation due2021-12-01
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionImproper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →