vulnerability

Ubuntu: (CVE-2021-27815): exif vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Apr 14, 2021	Jun 26, 2025	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Apr 14, 2021

Added

Jun 26, 2025

Modified

Aug 18, 2025

Description

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.

Solution

no-fix-ubuntu-package

References

CVE-2021-27815
https://attackerkb.com/topics/CVE-2021-27815
CWE-476
URL-https://github.com/libexif/exif/commit/f6334d9d32437ef13dc902f0a88a2be0063d9d1c
URL-https://github.com/libexif/exif/issues/4
URL-https://www.cve.org/CVERecord?id=CVE-2021-27815

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today