Insyde's Security Pledge
Recent Security Advisories
INSYDE-SA-2023030
Product
CVSS Score
Original Date
Last Revised
Supervyse
6.5-9.1
2023-05-09
Summary
Upgrade libcurl to 7.88.0
Vulnerability Details
CVSS Vector: Multiple
Upgrade libcurl to 7.88.0 to fix the following vulnerabilities.
- CVE-2023-23914
CVSS:9.1
Description: HSTS ignored on multiple requests - CVE-2023-23915
CVSS:6.5
Description: HSTS amnesia with –parallel - CVE-2023-0215
CVSS:5.9
Description: Use-after-free following BIO_new_NDEF - CVE-2023-23916
CVSS:6.5
Description: HTTP multi-header compression denial of service
Solution Information
OPF RV 23.05 and after.
SPF RV 23.05 and after.
Acknowledgements
Revision History
Revision #
Date
Description
1
2023-05-09
Initial Release