View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-5809 severity moderate: SUSE including 5 source package names (libraw, libraw-devel, libraw-devel-static, libraw16, libraw9), 15 product×package rows across 6 product lines (SUSE Linux Enterprise Desktop 12 SP3, SUSE Linux Enterprise Desktop 12 SP4, … (6 product lines)): Known Not Affected 15.
An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.