Intel

AIKIDO-2026-854202

exifreader is vulnerable to Denial of Service (DoS)

Denial of Service (DoS) Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published 3 days ago

53

Medium Risk

This Affects:

JSexifreader
4.39.0 - 4.40.4
Fixed in 4.40.5
Are you affected? Scan for Free

TL;DR

ExifReader parses ICC profile mluc (multiLocalizedUnicodeType) tags in src/icc-tags.js by iterating over an attacker-declared record count and appending one entry per record to an in-memory array. When a crafted ICC profile declares a very large numRecords together with a valid record size and a sufficiently large payload, the parser processes and allocates an object per record with no upper bound on the record count. Parsing such an image consumes excessive CPU and memory and can exhaust the host process. The fix caps the mluc record count and returns the already parsed tags once the cap is exceeded.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.

Background info

exifreader is vulnerable to Denial of Service (DoS) in versions 4.39.0 - 4.40.4.

How to fix this

Upgrade the exifreader library to the patch version.