Insyde's Security Pledge
Recent Security Advisories
INSYDE-SA-2023043
Product
CVSS Score
Original Date
Last Revised
Supervyse
Low-Medium
2023-09-12
Summary
Upgrade OpenSSL to 1.1.1u.
Vulnerability Details
CVSS Vector: Multiple
Upgrade OpenSSL to 1.1.1u which addressed the following vulnerabilities.
H2O-0324-2302
- CVE-2023-0464
CVSS: Low
Description: Excessive Resource Usage Verifying X.509 Policy Constraints. - CVE-2023-0465
CVSS: Low
Description: Invalid certificate policies in leaf certificates are silently ignored. - CVE-2023-0466
CVSS: Low
Description: Certificate policy check not enabled. - CVE-2023-2650
CVSS: Medium
Description: Possible DoS translating ASN.1 object identifiers.
Solution Information
OPF RV 23.06 and after.
SPF RV 23.05 and after.
Acknowledgements
Revision History
Revision #
Date
Description
1
2023-09-12
Initial Release