CVE-2021-22204
Vulnerability from cvelistv5
Published
2021-04-23 17:22
Modified
2025-02-06 19:50
Summary
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2021-11-17
Due date: 2021-12-01
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-22204
Affected product
Vendor: ExifTool
Product: ExifTool
Affected versions: >=7.44, <12.24
CPE (NVD): cpe:2.3:a:exiftool_project:exiftool:*:*:*:*:*:*:*:* (versionStartIncluding 7.44, versionEndExcluding 12.24)
Also listed as affected in the NVD configurations:
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Problem type
CNA (GitLab): Improper neutralization of directives in dynamically evaluated code ('eval injection') in ExifTool
CWE (CISA ADP and NVD): CWE-94 Improper Control of Generation of Code ('Code Injection')
CWE (CISA KEV catalog entry): CWE-95

Credits
Thanks vakzz for reporting this vulnerability through the GitLab HackerOne bug bounty program who then reported it to the ExifTool maintainer

Metrics
CVSS v3.1 (GitLab, CNA): CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L, base score 6.8 (MEDIUM); exploitability 2.5, impact 3.7. The legacy CVE v4 record states base score 6.7 for the same vector.
CVSS v3.1 (NVD, primary): CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, base score 7.8 (HIGH); exploitability 1.8, impact 5.9
CVSS v2.0 (NVD, primary): AV:N/AC:M/Au:N/C:P/I:P/A:P, base score 6.8 (MEDIUM); exploitability 8.6, impact 6.4; user interaction required
SSVC (CISA Coordinator, version 2.0.3, 2025-02-06T19:49:52Z): Exploitation: active; Automatable: no; Technical Impact: partial
CISA KEV: added 2021-11-17; vulnerability name "ExifTool Remote Code Execution Vulnerability"; listed under vendor/project Perl, product Exiftool

References (tags as assigned by NVD)
Patch: https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800
Exploit, Issue Tracking, Third Party Advisory: https://hackerone.com/reports/1154542
Third Party Advisory: https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22204.json
DSA-4910 (Mailing List, Third Party Advisory): https://www.debian.org/security/2021/dsa-4910
FEDORA-2021-de850ed71e (Release Notes): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4RF6PJCJ6NQOVJJJF6HN6BORUQVIXY6/
FEDORA-2021-e3d8833d36 (Release Notes): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDKDLJLBTBBR66OOPXSXCG2PQRM5KCZL/
FEDORA-2021-88d24aa32b (Release Notes): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6UOBPU3LSHAPRRJNISNVXZ5DSUIALLV/
[oss-security] 20210509 [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image (Mailing List, Third Party Advisory): http://www.openwall.com/lists/oss-security/2021/05/09/1
[oss-security] 20210510 Re: [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image (Mailing List, Third Party Advisory): http://www.openwall.com/lists/oss-security/2021/05/10/5
Exploit, Third Party Advisory, VDB Entry: http://packetstormsecurity.com/files/162558/ExifTool-DjVu-ANT-Perl-Injection.html
[debian-lts-announce] 20210516 [SECURITY] [DLA 2663-1] libimage-exiftool-perl security update (Mailing List, Third Party Advisory): https://lists.debian.org/debian-lts-announce/2021/05/msg00018.html
Exploit, Third Party Advisory, VDB Entry: http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html
Exploit, Third Party Advisory, VDB Entry: http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html
Exploit, Third Party Advisory, VDB Entry: http://packetstormsecurity.com/files/167038/ExifTool-12.23-Arbitrary-Code-Execution.html
CISA KEV catalog entry: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-22204

Record metadata
Assigner: GitLab (cve@gitlab.com)
Reserved: 2021-01-05T00:00:00.000Z
Published: 2021-04-23T17:22:15.000Z
CNA container last updated: 2022-05-11T17:06:12.000Z
CVE Program Container (ADP) last updated: 2024-08-03T18:37:18.092Z
CISA ADP Vulnrichment last updated: 2025-02-06T19:50:56.751Z
State: PUBLISHED; record type CVE_RECORD, data version 5.1
NVD entry: published 2021-04-23T18:15:08.127, last modified 2025-03-13T16:41:27.050, status Analyzed