View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-18005 severity low: SUSE including 8 source package names (exiv2-0.27.2-5.el8, exiv2-devel-0.27.2-5.el8, …), 8 product×package rows across 1 product lines (SUSE Liberty Linux 8): Fixed 8.
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.