View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-7730 severity low: SUSE including 22 source package names (exempi, exempi-2.2.0-9.el7, …), 76 product×package rows across 46 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (46 product lines)): Fixed 46, Known Not Affected 30.
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.