View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-7544 severity low: SUSE including 28 source package names (libexif-0.6.17-2.14.3.1, libexif-32bit-0.6.17-2.14.3.1, …), 116 product×package rows across 64 product lines (HPE Helion OpenStack 8, SUSE Enterprise Storage 5, … (64 product lines)): Fixed 116.
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.