Security-bulletin

security@openharmony.io

September 2022

1 participants
1 discussions

OpenHarmony2022年9月安全漏洞 OpenHarmony Security Vulnerabilities in September 2022
by OpenHarmony-CNA 06 Sep '22

06 Sep '22

2022年9月安全漏洞发布于2022.9.6 最后更新于2022.9.6 漏洞编号相关漏洞漏洞描述漏洞影响 CVSS3.1基础得分受影响的版本受影响的仓库修复链接参考链接 OpenHarmony-SA-2022-0901 CVE-2022-36423 cJSON库的错误配置，导致递归解析时存在栈溢出漏洞。攻击者可在局域网络内发起攻击，对网络内设备发起DoS攻击，导致进程崩溃。 7.4 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-LTS到OpenHarmony-v1.1.5-LTS third_party_cJSON 3.1.x 3.1.x 3.0.x 3.0.x 1.1.x 1.1.x 本项目组上报 OpenHarmony-SA-2022-0902 CVE-2022-38081 安全子系统tokensync系统服务存在对调用者的权限校验绕过漏洞。攻击者可在局域网络内发起攻击，绕过分布式调用权限管控。利用此漏洞需要额外的一个获取system权限的漏洞。 6.2 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release security_access_token 3.1.x 本项目组上报 OpenHarmony-SA-2022-0903 CVE-2022-38701 通信子系统分布式软总线模块ipc接口存在堆内存泄露漏洞。攻击者可在局域网络内发起攻击，绕过分布式调用权限管控。 6.2 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS communication_dsoftbus 3.1.x 3.0.x 本项目组上报 OpenHarmony-SA-2022-0904 CVE-2022-38064 windowmanager的系统服务存在对调用者的权限校验绕过漏洞。攻击者可在本地发起攻击，绕过权限管控机制，获取设备敏感信息。 6.2 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release windowmanager 3.1.x 本项目组上报 OpenHarmony-SA-2022-0905 CVE-2022-38700 多媒体子系统相机服务存在对调用者的权限校验绕过漏洞。攻击者可在局域网内发起攻击，绕过权限管控机制，访问相机服务。 8.8 OpenHarmony-v3.1-Release multimedia_camera_standard 3.1.x 本项目组上报以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。 CVE 严重程度受影响的OpenHarmony版本修复链接 CVE-2022-34918 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-33981 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-33743 低 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33742 低 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33741 低 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33740 低 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-32981 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32296 低 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32250 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-29582 高 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-27666 高 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.3-LTS 3.0.x CVE-2022-26365 低 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-2380 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-2318 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-2153 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21499 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21166 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21125 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21123 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20154 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20153 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20141 高 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-20132 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20009 高 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.3-LTS 3.0.x CVE-2022-1998 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1975 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1972 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1852 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1836 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1789 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1652 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1508 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1205 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1204 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1198 中 OpenHarmony-v3.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.3-LTS 3.1.x 3.0.x CVE-2022-0644 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-45868 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.3-LTS 3.0.x CVE-2021-4135 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2021-33061 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2021-28713 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-28712 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-28711 中 OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-26401 中 OpenHarmony-v3.1-Release 3.1.x CVE-2022-37434 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.1-LTS到OpenHarmony-v1.1.5-LTS 3.1.x 3.0.x 1.1.x CVE-2022-1587 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-1586 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2097 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2068 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30789 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30788 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30787 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30786 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30785 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30784 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30783 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2021-46790 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32215 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32213 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32212 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2097 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2021-46822 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2122 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1925 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1924 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1923 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1922 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1921 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1920 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-34835 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-30767 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-30552 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32208 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32207 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32206 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32205 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x Security Vulnerabilities in September 2022 published September 6,2022 updated September 6,2022 Vulnerability ID related Vulnerability Vulnerability Description Vulnerability Impact CVSS3.1 Base Score affected versions affected projects fix link reference OpenHarmony-SA-2022-0901 CVE-2022-36423 Incorrect configuration of the cJSON library lead a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. 7.4 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-LTS through OpenHarmony-v1.1.5-LTS third_party_cJSON 3.1.x 3.1.x 3.0.x 3.0.x 1.1.x 1.1.x Reported by OpenHarmony Team OpenHarmony-SA-2022-0902 CVE-2022-38081 Tokensync in security subsystem has a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system. 6.2 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release security_access_token 3.1.x Reported by OpenHarmony Team OpenHarmony-SA-2022-0903 CVE-2022-38701 IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. 6.2 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS communication_dsoftbus 3.1.x 3.0.x Reported by OpenHarmony Team OpenHarmony-SA-2022-0904 CVE-2022-38064 windowmanager in window subsystem has a permission bypass vulnerability. Local attackers can bypass permission control and get sensitive information. 6.2 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release windowmanager 3.1.x Reported by OpenHarmony Team OpenHarmony-SA-2022-0905 CVE-2022-38700 multimedia subsystem has a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service. 8.8 OpenHarmony-v3.1-Release multimedia_camera_standard 3.1.x Reported by OpenHarmony Team The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties. CVE severity affected OpenHarmony versions fix link CVE-2022-34918 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-33981 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-33743 Low OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33742 Low OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33741 Low OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-33740 Low OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-32981 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32296 Low OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32250 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-29582 High OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-27666 High OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS 3.0.x CVE-2022-26365 Low OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-2380 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-2318 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-2153 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21499 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21166 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21125 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-21123 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20154 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20153 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20141 High OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-20132 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-20009 High OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS 3.0.x CVE-2022-1998 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1975 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1972 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1852 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1836 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1789 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1652 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2022-1508 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1205 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1204 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1198 Medium OpenHarmony-v3.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS 3.1.x 3.0.x CVE-2022-0644 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-45868 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS 3.0.x CVE-2021-4135 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2021-33061 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2021-28713 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-28712 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-28711 Medium OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.0.x CVE-2021-26401 Medium OpenHarmony-v3.1-Release 3.1.x CVE-2022-37434 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.1-LTS through OpenHarmony-v1.1.5-LTS 3.1.x 3.0.x 1.1.x CVE-2022-1587 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-1586 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2097 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2068 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30789 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30788 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30787 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30786 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30785 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30784 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-30783 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2021-46790 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32215 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32213 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-32212 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2097 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2021-46822 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release 3.1.x CVE-2022-2122 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1925 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1924 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1923 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1922 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1921 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-1920 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-34835 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-30767 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-30552 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32208 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32207 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32206 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x CVE-2022-32205 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x 3.0.x

1 0