1. CVE-Search
  2. CVE-2021-27815
ID CVE-2021-27815
Summary NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
References
Vulnerable Configurations
  • cpe:2.3:a:libexif_project:exif:-:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:-:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.17:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.17:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.18:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.18:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.19:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.19:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.20:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.20:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.21:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.21:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif_project:exif:0.6.22:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:exif:0.6.22:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 04-11-2022 - 15:24)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
Last major update 04-11-2022 - 15:24
Published 14-04-2021 - 14:15
Last modified 04-11-2022 - 15:24
Back to Top