CVE-2026-14454
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
08/07/2026
Última modificación:
08/07/2026
Descripción
*** Pendiente de traducción *** Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed.<br />
<br />
Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process.<br />
<br />
An attacker could craft an image with EXIF data that terminates a worker process.



