View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-6328 severity moderate: SUSE including 27 source package names (libexif, libexif-32bit, …), 112 product×package rows across 64 product lines (HPE Helion OpenStack 8, SUSE Enterprise Storage 5, … (64 product lines)): Fixed 105, Known Not Affected 7.
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).