CVE-2022-23935

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-23935

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23935.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-23935

Downstream

DEBIAN-CVE-2022-23935

UBUNTU-CVE-2022-23935

openSUSE-SU-2024:11794-1

Related

Published

2022-01-25T06:15:06.867Z

Modified

2025-11-20T12:02:54.602500Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.

References

Affected packages

Git / github.com/exiftool/exiftool

Affected ranges

Type: GIT
Repo: https://github.com/exiftool/exiftool
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

74dbab1d2766d6422bb05b033ac6634bf8d1f582

Affected versions

10.*

10.00

10.01

10.02

10.03

10.04

10.05

10.06

10.07

10.08

10.09

10.10

10.11

10.12

10.13

10.14

10.15

10.16

10.17

10.18

10.19

10.20

10.21

10.22

10.23

10.24

10.25

10.26

10.27

10.28

10.29

10.30

10.31

10.32

10.33

10.34

10.35

10.36

10.37

10.38

10.39

10.40

10.41

10.42

10.43

10.44

10.45

10.46

10.47

10.48

10.49

10.50

10.51

10.52

10.53

10.54

10.55

10.56

10.57

10.58

10.59

10.60

10.61

10.62

10.63

10.64

10.65

10.66

10.67

10.68

10.69

10.71

10.72

10.73

10.74

10.75

10.76

10.77

10.78

10.79

10.81

10.82

10.83

10.84

10.85

10.86

10.87

10.88

10.89

10.90

10.91

10.92

10.93

10.94

10.95

10.96

10.97

10.98

10.99

11.*

11.00

11.01

11.02

11.03

11.04

11.05

11.06

11.07

11.08

11.09

11.10

11.11

11.12

11.13

11.14

11.15

11.16

11.17

11.18

11.19

11.20

11.21

11.22

11.23

11.24

11.25

11.26

11.27

11.28

11.29

11.30

11.31

11.32

11.33

11.34

11.35

11.36

11.37

11.38

11.39

11.40

11.41

11.42

11.43

11.44

11.45

11.46

11.47

11.48

11.49

11.50

11.51

11.52

11.53

11.54

11.55

11.56

11.57

11.58

11.59

11.60

11.61

11.62

11.63

11.64

11.65

11.66

11.67

11.68

11.69

11.70

11.71

11.72

11.73

11.74

11.75

11.76

11.77

11.78

11.79

11.80

11.81

11.82

11.83

11.84

11.85

11.86

11.87

11.88

11.89

11.90

11.91

11.92

11.93

11.94

11.95

11.96

11.97

11.98

11.99

12.*

12.00

12.01

12.02

12.03

12.04

12.05

12.06

12.07

12.08

12.09

12.10

12.11

12.12

12.13

12.14

12.15

12.16

12.17

12.18

12.19

12.20

12.21

12.22

12.23

12.24

12.25

12.26

12.27

12.28

12.29

12.30

12.31

12.32

12.33

12.34

12.35

12.36

12.37

9.*

9.71

9.72

9.73

9.74

9.75

9.76

9.77

9.78

9.79

9.80

9.81

9.82

9.83

9.84

9.85

9.86

9.87

9.88

9.89

9.90

9.91

9.92

9.93

9.94

9.95

9.96

9.97

9.98

9.99

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23935.json"