[Bug 1953616] New: CVE-2021-22204 perl-Image-ExifTool: improper neutralization of user data in the DjVu file format allows arbitrary code execution when parsing the malicious image

https://bugzilla.redhat.com/show_bug.cgi?id=1953616 Bug ID: 1953616 Summary: CVE-2021-22204 perl-Image-ExifTool: improper neutralization of user data in the DjVu file format allows arbitrary code execution when parsing the malicious image Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: perl-devel(a)lists.fedoraproject.org, spotrh(a)gmail.com Target Milestone: --- Classification: Other Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Reference and upstream patch: https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a8... -- You are receiving this mail because: You are on the CC list for the bug.