Debian Libimage-Exiftool-Perl vulnerabilities

CVE-2026-3102 [MEDIUM] CVE-2026-3102: libimage-exiftool-perl - A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affe... A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose

CVE-2022-23935 [HIGH] CVE-2022-23935: libimage-exiftool-perl - lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check... lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. Scope: local bookworm: resolved (fixed in 12.38+dfsg-1) bullseye: open forky: resolved (fixed in 12.38+dfsg-1) sid: resolved (fixed in 12.38+dfsg-1) trixie: resolved (fixed in 12.38+dfsg-1)

CVE-2021-22204 [MEDIUM] CVE-2021-22204: libimage-exiftool-perl - Improper neutralization of user data in the DjVu file format in ExifTool version... Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Scope: local bookworm: resolved (fixed in 12.16+dfsg-2) bullseye: resolved (fixed in 12.16+dfsg-2) forky: resolved (fixed in 12.16+dfsg-2) sid: resolved (fixed in 12.16+dfsg-2) trixie: resolve