07 Mar '23
2023年03月安全漏洞
发布于2023.03.07
最后更新于2023.03.07
漏洞编号
相关漏洞
漏洞描述
漏洞影响
CVSS3.1基础得分
受影响的版本
受影响的仓库
修复链接
参考链接
OpenHarmony-SA-2023-0301
CVE-2023-24465
WLAN组件子系统通信设备服务的一个接口,在接受外部数据时存在空指针引用。
本地攻击者利用此漏洞,可导致当前应用crash。
5.5
OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS 到 OpenHarmony-v3.0.7-LTS
communication_wifi
3.1.x<https://gitee.com/openharmony/communication_wifi/pulls/788>
3.0.x<https://gitee.com/openharmony/communication_wifi/pulls/862>
本项目组上报
OpenHarmony-SA-2023-0302
CVE-2023-25947
包管理模块存在安装hap包时没有做有效性判断的漏洞。
本地攻击者利用此漏洞构造非法数据,在安装hap包时可以导致系统无响应。
6.2
OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.4-Release
bundlemanager_bundle_framework
3.1.x<https://gitee.com/openharmony/bundlemanager_bundle_framework/pulls/3094>
本项目组上报
以下为三方库漏洞,只提供CVE、严重程度、受影响的OpenHarmony版本,详细信息请参考三方公告。
CVE
严重程度
受影响的OpenHarmony版本
修复链接
CVE-2022-47946
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/646>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/647>
CVE-2022-2196
低
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/665>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/666>
CVE-2023-0047
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/631>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/632>
CVE-2023-23559
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2022-3640
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/659>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/660>
CVE-2022-47929
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/677>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/678>
CVE-2023-0179
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-0394
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/677>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/678>
CVE-2023-23454
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-23455
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-0590
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/687>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/688>
CVE-2023-0615
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2023-0045
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2023-20938
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2022-3176
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/553>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/561>
CVE-2023-0045
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/96>
3.0.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/97>
CVE-2022-3028
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/98>
3.0.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/99>
CVE-2020-36516
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/682>
CVE-2022-3341
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_ffmpeg/pulls/74>
3.0.x<https://gitee.com/openharmony/third_party_ffmpeg/pulls/73>
1.1.x<https://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/19>
CVE-2022-4450
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/80>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/81>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/82>
CVE-2023-0286
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/83>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/85>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/86>
CVE-2023-0215
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/83>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/85>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/86>
CVE-2022-4304
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/87>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/88>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/89>
CVE-2021-41751
严重
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/101>
3.0.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/102>
CVE-2021-43453
严重
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/103>
3.0.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/104>
CVE-2022-1304
高
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/third_party_e2fsprogs/pulls/51>
3.0.x<https://gitee.com/openharmony/third_party_e2fsprogs/pulls/52>
CVE-2023-23914
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2023-23915
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2023-23916
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2020-35538
中
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_flutter/pulls/250>
3.0.x<https://gitee.com/openharmony/third_party_flutter/pulls/251>
CVE-2022-37434
严重
OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_flutter/pulls/247>
3.0.x<https://gitee.com/openharmony/third_party_flutter/pulls/248>
Security Vulnerabilities in Feburary 2023
published March 7,2023
updated March 7,2023
Vulnerability ID
related Vulnerability
Vulnerability Description
Vulnerability Impact
CVSS3.1 Base Score
affected versions
affected projects
fix link
reference
OpenHarmony-SA-2023-0301
CVE-2023-24465
Communication Wi-Fi subsystem has a null pointer reference vulnerability when receiving external data.
Local attackers can exploit this vulnerability to cause the current application to crash.
5.5
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
communication_wifi
3.1.x<https://gitee.com/openharmony/communication_wifi/pulls/788>
3.0.x<https://gitee.com/openharmony/communication_wifi/pulls/862>
Reported by OpenHarmony Team
OpenHarmony-SA-2023-0302
CVE-2023-25947
The bundle management subsystem has a improper input validation when installing a HAP package.
Local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.
6.2
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
bundlemanager_bundle_framework
3.1.x<https://gitee.com/openharmony/bundlemanager_bundle_framework/pulls/3094>
Reported by OpenHarmony Team
The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
CVE
severity
affected OpenHarmony versions
fix link
CVE-2022-47946
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/646>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/647>
CVE-2022-2196
Low
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/665>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/666>
CVE-2023-0047
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/631>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/632>
CVE-2023-23559
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2022-3640
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/659>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/660>
CVE-2022-47929
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/677>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/678>
CVE-2023-0179
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-0394
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/677>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/678>
CVE-2023-23454
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-23455
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/661>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/662>
CVE-2023-0590
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/687>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/688>
CVE-2023-0615
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2023-0045
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2023-20938
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/696>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/697>
CVE-2022-3176
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/553>
3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/561>
CVE-2023-0045
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/96>
3.0.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/97>
CVE-2022-3028
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/98>
3.0.x<https://gitee.com/openharmony/kernel_linux_4.19/pulls/99>
CVE-2020-36516
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/682>
CVE-2022-3341
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_ffmpeg/pulls/74>
3.0.x<https://gitee.com/openharmony/third_party_ffmpeg/pulls/73>
1.1.x<https://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/19>
CVE-2022-4450
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/80>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/81>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/82>
CVE-2023-0286
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/83>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/85>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/86>
CVE-2023-0215
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/83>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/85>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/86>
CVE-2022-4304
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/87>
3.0.x<https://gitee.com/openharmony/third_party_openssl/pulls/88>
1.1.x<https://gitee.com/openharmony/third_party_openssl/pulls/89>
CVE-2021-41751
Critical
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/101>
3.0.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/102>
CVE-2021-43453
Critical
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/103>
3.0.x<https://gitee.com/openharmony/third_party_jerryscript/pulls/104>
CVE-2022-1304
High
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
3.1.x<https://gitee.com/openharmony/third_party_e2fsprogs/pulls/51>
3.0.x<https://gitee.com/openharmony/third_party_e2fsprogs/pulls/52>
CVE-2023-23914
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2023-23915
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2023-23916
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS
3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/110>
3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/111>
1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/112>
CVE-2020-35538
Medium
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_flutter/pulls/250>
3.0.x<https://gitee.com/openharmony/third_party_flutter/pulls/251>
CVE-2022-37434
Critical
OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
3.1.x<https://gitee.com/openharmony/third_party_flutter/pulls/247>
3.0.x<https://gitee.com/openharmony/third_party_flutter/pulls/248>
1
0