Exiftool Exiftoolproject Exiftool

Do you want an email whenever new security vulnerabilities are reported in Exiftoolproject Exiftool?

By the Year

In 2021 there have been 1 vulnerability in Exiftoolproject Exiftool with an average score of 7.8 out of ten. Exiftool did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 1 7.80
2020 0 0.00
2019 1 7.80
2018 0 0.00

It may take a day or so for new Exiftool vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Exiftoolproject Exiftool Security Vulnerabilities

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up

CVE-2021-22204 7.8 - High - April 23, 2021

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

Injection

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username

CVE-2018-20211 7.8 - High - January 02, 2019

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).

DLL preloading

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Exiftoolproject Exiftool or by Exiftoolproject? Click the Watch button to subscribe.

subscribe