Search Insyde.com

Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2024004

Product

CVSS Score

Original Date

Last Revised

Supervyse

N/A

2024-05-13

Summary

Upgrade libcurl to 8.7.1

Vulnerability Details

CVSS Vector: See in description.

Upgrade libcurl to version 8.7.1 which addressed following vulnerabilities.

CVE-2024-2004:
CVSS: N/A
CVSS Vector String: N/A
Usage of disabled protocol
CVE-2024-2379:
CVSS: N/A
CVSS Vector String: N/A
QUIC certificate check bypass with wolfSSL
CVE-2024-2398:
CVSS: N/A
CVSS Vector String: N/A
HTTP/2 push headers memory-leak
CVE-2024-2398:
CVSS: N/A
CVSS Vector String: N/A
TLS certificate check bypass with mbedTLS

Solution Information

OPF:RV24.04.2 and after.

Acknowledgements

Revision History

Revision #

Date

Description

1

2024-05-13

Initial Release

< Back to Security Pledge