CVE-2021-22204 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Severity: 78%

Complexity: 18%

Confidentiality: 98%

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image.

CVSS 3.1 Base Score 7.8. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported: 2021-04-23 18:15:00 (3 years ago)

Last updated: 2021-11-29 21:06:00 (3 years ago)

Affected Software

Debian Linux 9.0

Fedora 32

References

https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800 (Patch, Third Party Advisory)

https://hackerone.com/reports/1154542 (Permissions Required, Third Party Advisory)

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22204.json (Third Party Advisory)

DSA-4910 (Third Party Advisory)

FEDORA-2021-e3d8833d36 (Mailing List, Third Party Advisory)

FEDORA-2021-de850ed71e (Mailing List, Third Party Advisory)

FEDORA-2021-88d24aa32b (Mailing List, Third Party Advisory)

[oss-security] 20210509 [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image (Mailing List, Third Party Advisory)

[oss-security] 20210510 Re: [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image (Mailing List, Third Party Advisory)

http://packetstormsecurity.com/files/162558/ExifTool-DjVu-ANT-Perl-Injection.html (Third Party Advisory, VDB Entry)

[debian-lts-announce] 20210516 [SECURITY] [DLA 2663-1] libimage-exiftool-perl security update (Mailing List, Third Party Advisory)

http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html (Exploit, Third Party Advisory, VDB Entry)

http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html (Exploit, Third Party Advisory, VDB Entry)
