Insyde's Security Pledge
Recent Security Advisories

INSYDE-SA-2023051
Product
CVSS Score
Original Date
Last Revised
Supervyse
3.7~7.5
2023-08-08
Summary
Upgrade curl to version 8.1.0
Vulnerability Details
CVSS Vector: Multiple
Upgrade curl to version 8.1.0 which addressed following vulnerabilities.
- CVE-2023-28319
CVSS:7.5
Description: UAF in SSH sha256 fingerprint check - CVE-2023-28320
CVSS: 5.9
Description: siglongjmp race condition - CVE-2023-28321
CVSS: 5.9
Description: IDN wildcard match - CVE-2023-28322
CVSS: 3.7
Description: more POST-after-PUT confusion
Solution Information
OPF RV 23.05 and after.
SPF RV 23.05 and after.
Acknowledgements
Revision History
Revision #
Date
Description
1
2023-08-08
Initial Release