{"id":"CVE-2022-23935","details":"lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\\|$/ check, leading to command injection.","modified":"2026-04-16T04:36:43.368654049Z","published":"2022-01-25T06:15:06.867Z","related":["openSUSE-SU-2024:11794-1"],"references":[{"type":"FIX","url":"https://github.com/exiftool/exiftool/commit/74dbab1d2766d6422bb05b033ac6634bf8d1f582"},{"type":"EVIDENCE","url":"https://gist.github.com/ert-plus/1414276e4cb5d56dd431c2f0429e4429"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/exiftool/exiftool","events":[{"introduced":"0"},{"fixed":"74dbab1d2766d6422bb05b033ac6634bf8d1f582"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"12.38"}]}}],"versions":["10.00","10.01","10.02","10.03","10.04","10.05","10.06","10.07","10.08","10.09","10.10","10.11","10.12","10.13","10.14","10.15","10.16","10.17","10.18","10.19","10.20","10.21","10.22","10.23","10.24","10.25","10.26","10.27","10.28","10.29","10.30","10.31","10.32","10.33","10.34","10.35","10.36","10.37","10.38","10.39","10.40","10.41","10.42","10.43","10.44","10.45","10.46","10.47","10.48","10.49","10.50","10.51","10.52","10.53","10.54","10.55","10.56","10.57","10.58","10.59","10.60","10.61","10.62","10.63","10.64","10.65","10.66","10.67","10.68","10.69","10.71","10.72","10.73","10.74","10.75","10.76","10.77","10.78","10.81","10.82","10.83","10.84","10.85","10.86","10.87","10.88","10.89","10.90","10.91","10.92","10.93","10.94","10.95","10.96","10.97","10.98","10.99","11.00","11.01","11.02","11.03","11.04","11.05","11.06","11.07","11.08","11.09","11.10","11.11","11.12","11.13","11.14","11.15","11.16","11.18","11.19","11.20","11.21","11.22","11.23","11.24","11.25","11.26","11.27","11.28","11.29","11.30","11.31","11.32","11.33","11.34","11.35","11.36","11.37","11.38","11.39","11.40","11.41","11.42","11.43","11.44","11.45","11.46","11.47","11.48","11.49","11.50","11.51","11.52","11.53","11.54","11.55","11.56","11.57","11.58","11.59","11.60","11.61","11.62","11.63","11.64","11.65","11.66","11.67","11.68","11.69","11.70","11.71","11.72","11.73","11.74","11.75","11.76","11.77","11.78","11.79","11.80","11.81","11.82","11.83","11.84","11.85","11.86","11.87","11.88","11.89","11.90","11.91","11.92","11.93","11.94","11.95","11.96","11.97","11.98","11.99","12.00","12.01","12.02","12.03","12.04","12.05","12.06","12.07","12.08","12.09","12.10","12.11","12.12","12.13","12.14","12.15","12.16","12.17","12.18","12.19","12.20","12.21","12.22","12.23","12.24","12.25","12.26","12.27","12.28","12.29","12.30","12.31","12.32","12.33","12.34","12.35","12.36","12.37","9.71","9.72","9.73","9.74","9.75","9.76","9.77","9.78","9.79","9.80","9.81","9.82","9.83","9.84","9.85","9.86","9.87","9.88","9.89","9.90","9.91","9.92","9.93","9.94","9.95","9.96","9.97","9.98","9.99"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23935.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}