CVE-2021-22204

Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Vendor/Product: Perl Exiftool. Added to CISA KEV 2021-11-17; required action: Apply updates per vendor instructions.