Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-14454

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
08/07/2026
Última modificación:
08/07/2026

Descripción

*** Pendiente de traducción *** Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed.<br /> <br /> Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process.<br /> <br /> An attacker could craft an image with EXIF data that terminates a worker process.

Impacto