Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed
Summary
| CVE | CVE-2026-14454 |
|---|---|
| State | PUBLISHED |
| Assigner | CPANSec |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-08 13:16:30 UTC |
| Updated | 2026-07-10 15:31:22 UTC |
| Description | Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. An attacker could craft an image with EXIF data that terminates a worker process. |
Risk And Classification
Primary CVSS: v3.1 9.8 CRITICAL from ADP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.003940000 probability, percentile 0.315050000 (date 2026-07-12)
Problem Types: CWE-196 | CWE-789 | CWE-196 CWE-196 Unsigned to Signed Conversion Error | CWE-789 CWE-789 Memory Allocation with Excessive Size Value
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | DECLARED | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| metacpan.org/release/TONYC/Imager-1.033/changes | 9b29abf9-4ab0-4765-b253-1875cd9b441e | metacpan.org | Release Notes |
| www.openwall.com/lists/oss-security/2026/07/08/6 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch, Third Party Advisory |
| github.com/tonycoz/imager/commit/06f01a5d0fd591259aeba589370d6888384a6b6... | 9b29abf9-4ab0-4765-b253-1875cd9b441e | github.com | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
Solutions
CNA: Upgrade to version 1.033 or later.
There are currently no legacy QID mappings associated with this CVE.