Search Insyde.com

Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2023041

Product

CVSS Score

Original Date

Last Revised

Supervyse

5.5-9.8

2023-06-13

Summary

Upgrade libcurl to 8.0.0.

Vulnerability Details

CVSS Vector: Multiple

Upgrade libcurl to 8.0.0 for fixing following vulnerabilities:

CVE-2023-27533
CVSS:8.8
Description: TELNET option IAC injection.
CVE-2023-27534
CVSS:8.8
Description: SFTP path ~ resolving discrepancy.
CVE-2023-27535
CVSS:7.5
Description: FTP too eager connection reuse.
CVE-2023-27536
CVSS:9.8
Description: GSS delegation too eager connection re-use.
CVE-2023-27537
CVSS:5.9
Description: HSTS double-free.
CVE-2023-27538
CVSS:5.5
Description: SSH connection to eager reuse still.

Solution Information

OPF RV 23.05 and after.
SPF RV 23.05 and after.

Acknowledgements

Revision History

Revision #

Date

Description

1

2023-06-13

Initial Release

< Back to Security Pledge