CVE-2021-22204
ExifTool Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Nov 17, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
Perl / Exiftool
Vulnerability
ExifTool Remote Code Execution Vulnerability
Added to KEV
Nov 17, 2021
Remediate by
Dec 1, 2021
Known ransomware use
No
Summary description
Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22204
No related CVEs by CWE or product.