CVE-2017-9149

7.5 HIGH
Published: May 22, 2017 Modified: May 13, 2026
View on NVD

Description

Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://0xacab.org/mat/mat/commit/8f6303a1f26fe8dad83ba96ab8328dbdfa3af59a
Source: cve@mitre.org
Patch
https://0xacab.org/mat/mat/commit/94ca62a429bb6a3a5f293de26053e54bbfeea9f9
Source: cve@mitre.org
Patch
https://0xacab.org/mat/mat/issues/11527
Source: cve@mitre.org
Issue Tracking
https://bugs.debian.org/858058
Source: cve@mitre.org
Mailing List
https://0xacab.org/mat/mat/commit/8f6303a1f26fe8dad83ba96ab8328dbdfa3af59a
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://0xacab.org/mat/mat/commit/94ca62a429bb6a3a5f293de26053e54bbfeea9f9
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://0xacab.org/mat/mat/issues/11527
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugs.debian.org/858058
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List

8 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.5 / 10.0
EPSS (Exploit Probability)
1.8%
76th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

metadata_anonymisation_toolkit_project

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8