DEBIAN-CVE-2022-23935
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-23935
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-23935.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-23935
- Upstream
- Published
- 2022-01-25T06:15:06.867Z
- Modified
- 2025-11-20T10:15:30.115987Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.
- References
Affected packages
Debian:11 / libimage-exiftool-perl
Package
- Name
- libimage-exiftool-perl
- Purl
- pkg:deb/debian/libimage-exiftool-perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
12.*
12.16+dfsg-2
12.30+dfsg-1
12.31+dfsg-1
12.32+dfsg-1
12.33+dfsg-1
12.34+dfsg-1
12.35+dfsg-1
12.36+dfsg-1
12.37+dfsg-1
12.38+dfsg-1
12.39+dfsg-1
12.40+dfsg-1
12.41+dfsg-1
12.42+dfsg-1
12.43+dfsg-1
12.44+dfsg-1
12.45+dfsg-1
12.47+dfsg-1
12.48+dfsg-1
12.49+dfsg-1
12.50+dfsg-1
12.51+dfsg-1
12.52+dfsg-1
12.53+dfsg-1
12.54+dfsg-1
12.55+dfsg-1
12.56+dfsg-1
12.57+dfsg-1
12.63+dfsg-1
12.63+dfsg-2
12.64+dfsg-1
12.65+dfsg-1
12.67+dfsg-1
12.69+dfsg-1
12.70+dfsg-1
12.76+dfsg-1
13.*
13.00+dfsg-1
13.10+dfsg-1
13.25+dfsg-1
Debian:12 / libimage-exiftool-perl
Package
- Name
- libimage-exiftool-perl
- Purl
- pkg:deb/debian/libimage-exiftool-perl?arch=source
Debian:13 / libimage-exiftool-perl
Package
- Name
- libimage-exiftool-perl
- Purl
- pkg:deb/debian/libimage-exiftool-perl?arch=source
Debian:14 / libimage-exiftool-perl
Package
- Name
- libimage-exiftool-perl
- Purl
- pkg:deb/debian/libimage-exiftool-perl?arch=source