View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-14348 severity low: SUSE including 30 source package names (dcraw, dcraw-lang, …), 63 product×package rows across 24 product lines (SUSE Linux Enterprise Desktop 12 SP3, SUSE Linux Enterprise Module for Desktop Applications 15 SP4, … (24 product lines)): Known Not Affected 38, Fixed 25.
LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.