FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security Vulnerability found in ExifTool leading to RCE

Affected packages
p5-Image-ExifTool < 12.38

Details

VuXML ID 482456fb-e9af-11ec-93b6-318d1419ea39
Discovery 2022-01-25
Entry 2022-06-11

Debian Security tracker reports:

ExifTool.pm in ExifTool before 12.38 mishandles a file special characters check, leading to command injection

[source]

References

CVE Name CVE-2022-23935
URL https://www.cvedetails.com/cve/CVE-2022-23935

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.