What is ExifTool?
ExifTool is a widely-used open-source Perl library and command-line application for reading, writing, and editing metadata in image, audio, video, and document files. It supports over 140 file formats including JPEG, PNG, TIFF, DjVu, PDF, and many others. ExifTool is embedded in countless applications — including content management systems, digital asset management tools, GitLab (for CI/CD pipeline artifact processing), and image upload handlers. Because ExifTool processes untrusted file content (user-uploaded images and documents), a code injection vulnerability in its metadata parser allows attackers to execute arbitrary commands on any system that runs ExifTool against attacker-controlled files.
Overview
CVE-2021-22204 is a code injection vulnerability (CWE-94) in ExifTool versions 7.44 through 12.23. ExifTool's DjVu file format parser does not properly neutralize user-supplied metadata when processing the ANT (annotations) chunk: Perl code embedded in the DjVu annotation data is executed as part of ExifTool's eval-based metadata processing. The CVSS vector's S:C (Scope: Changed) metric reflects that the injected code runs with the privileges of the ExifTool process, which is typically more privileged than the file's origin, so the flaw enables code execution in web application server contexts. GitLab's use of ExifTool for CI artifact processing made it a particularly high-value attack surface.
Affected Versions
| Product | Vulnerable | Fixed |
|---|---|---|
| ExifTool 7.44 through 12.23 | Yes | 12.24 |
| GitLab CE/EE (using vulnerable ExifTool) | Yes | GitLab 13.10.3, 13.9.6, 13.8.8 |
Technical Details
- Root cause: Code injection (CWE-94) in ExifTool's DjVu ANT metadata parser — the parser uses Perl's string evaluation mechanism to process certain metadata values; by embedding Perl code in the DjVu ANT annotation chunk, an attacker causes ExifTool to execute arbitrary Perl code during metadata extraction
- DjVu ANT format: DjVu files contain annotation blocks (ANT chunks) with structured metadata including document layout information; ExifTool's parser for these chunks passes values through an unsafe code evaluation path, treating attacker-supplied strings as executable Perl rather than data
- Exploitation mechanism: A maliciously crafted DjVu file (or a file with a DjVu-style ANT metadata chunk, including some JPEG/TIFF variants processed by the same code path), when passed to ExifTool, causes immediate command execution; no user interaction is required beyond running ExifTool against the file
- GitLab CI vector: GitLab used ExifTool to process metadata from uploaded files in CI pipelines (exiftool was called on pipeline artifacts); an attacker who could submit a job to a GitLab CI runner and pass a malicious file as an artifact could execute code on the GitLab server or CI runner host — the S:C reflects this cross-boundary execution
- Broad attack surface: Any application that calls ExifTool to process user-supplied files is vulnerable — content management systems, digital asset management platforms, photo sharing sites, document processing pipelines, and web application frameworks that depend on ExifTool for metadata extraction
Discovery
Discovered by William Bowling (vakzz) and independently by other researchers. The vulnerability was reported to GitLab due to the high-impact exploitation path via GitLab CI. ExifTool 12.24 was released on April 13, 2021 to address the vulnerability. GitLab patched its bundled ExifTool in versions 13.8.8, 13.9.6, and 13.10.3.
Exploitation Context
CVE-2021-22204 was rapidly weaponized after public disclosure due to its trivial exploitability — crafting a malicious DjVu file is straightforward, and any ExifTool invocation against the file triggers execution. GitLab CI runners, web application file upload handlers, and server-side image processing pipelines all represent attack surfaces. The CISA KEV addition in November 2021 reflects confirmed exploitation in production environments. The vulnerability is also significant in red team and penetration testing contexts where attackers can leverage image metadata as a payload delivery mechanism against organizations that process uploaded images server-side.
Remediation
- Upgrade ExifTool to version 12.24 or later — the code injection in the DjVu ANT parser is fixed
- Update GitLab to 13.10.3, 13.9.6, or 13.8.8 (or later in the respective release line) if running a version that bundles a vulnerable ExifTool
- Audit any application that calls ExifTool on user-supplied files and ensure it uses ExifTool 12.24+
- Run ExifTool in a sandboxed environment (container, subprocess with restricted permissions) so that even if exploited, code execution is contained to the sandboxed context
- Validate file types on upload before processing with ExifTool — reject files that don't match expected formats; DjVu files from untrusted sources are a specific risk
- Monitor system logs for unexpected process spawning from ExifTool parent processes, which would indicate active exploitation
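A pre-processing gate for the upload-validation and version-check steps above, as an added example that is not part of this advisory: the format signatures, function names and sample byte strings are constructed assumptions, and the version threshold is the 12.24 fix stated on the page.

```python
import re
from typing import Optional

# Leading-byte signatures for the upload formats this handler is willing to accept
# (constructed for this example; extend to match the formats your application expects).
SIGNATURES = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "tiff": (b"II*\x00", b"MM\x00*"),
}
# DjVu is an IFF-style container: "AT&T" + "FORM" + 4-byte length + form type (DJVU, DJVM, ...).
DJVU_MAGIC = b"AT&TFORM"

def sniff_format(data: bytes) -> Optional[str]:
    """Name the format the leading bytes actually identify, ignoring any client-declared MIME type."""
    if data.startswith(DJVU_MAGIC):
        return "djvu"
    for name, sigs in SIGNATURES.items():
        if any(data.startswith(sig) for sig in sigs):
            return name
    return None

def contains_djvu_container(data: bytes) -> bool:
    """True if a DjVu form header appears anywhere in the payload, not only at offset 0.
    The DjVu ANT code path can be reached from other formats, so an embedded form is rejected too."""
    return DJVU_MAGIC in data

def safe_to_pass_to_exiftool(data: bytes, expected: str) -> bool:
    """Admit a file only when its real magic matches the expected type and no DjVu form is present."""
    return sniff_format(data) == expected and not contains_djvu_container(data)

def parse_exiftool_version(text: str) -> tuple:
    """Turn the output of `exiftool -ver` (e.g. "12.30") into a comparable (major, minor) tuple."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised ExifTool version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)))

def exiftool_is_patched(version: tuple) -> bool:
    """CVE-2021-22204 is fixed in ExifTool 12.24; earlier builds must not see untrusted files."""
    return version >= (12, 24)

# Constructed sample inputs: a JPEG header, a DjVu header, and a JPEG with a DjVu form appended.
JPEG_SAMPLE = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
DJVU_SAMPLE = b"AT&TFORM\x00\x00\x00\x20DJVUINFO"
JPEG_WITH_DJVU = JPEG_SAMPLE + DJVU_SAMPLE
```

Run `parse_exiftool_version` on the captured output of `exiftool -ver` at service start-up and refuse to process uploads at all when `exiftool_is_patched` returns False.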
Key Details
| Property | Value |
|---|---|
| CVE ID | CVE-2021-22204 |
| Vendor / Product | Perl — Exiftool |
| NVD Published | 2021-04-23 |
| NVD Last Modified | 2025-11-03 |
| CVSS 3.1 Score | 6.8 |
| CVSS 3.1 Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L |
| Severity | MEDIUM |
| CWE | CWE-94 |
| CISA KEV Added | 2021-11-17 |
| CISA KEV Deadline | 2021-12-01 |
| Known Ransomware Use | No |
Timeline
| Date | Event |
|---|---|
| 2021-04-13 | ExifTool 12.24 released, patching DjVu Perl code injection vulnerability |
| 2021-04-23 | CVE published; public analysis of ExifTool code injection via DjVu ANT metadata |
| 2021-05-04 | Detailed public exploit analysis published; GitLab CI attack vector documented |
| 2021-11-17 | Added to CISA Known Exploited Vulnerabilities catalog |
| 2021-12-01 | CISA BOD 22-01 remediation deadline |
References
| Resource | Type |
|---|---|
| ExifTool Version History — 12.24 Security Fix | Vendor Advisory |
| GitLab Issue — ExifTool RCE (CVE-2021-22204) | Vendor Advisory |
| devcraft.io — ExifTool Arbitrary Code Execution CVE-2021-22204 Analysis | Security Research |
| NVD — CVE-2021-22204 | Vulnerability Database |
| CISA KEV Catalog Entry | US Government |