2022年12月安全漏洞

发布于2022.12.06
最后更新于2022.12.06

漏洞编号	相关漏洞	漏洞描述	漏洞影响	CVSS3.1基础得分	受影响的版本	受影响的仓库	修复链接	参考链接
OpenHarmony-SA-2022-1201	CVE-2022-45877	跨设备认证中pin码会明文传输到对端设备进行校验，会降低中间人攻击的难度。	攻击者可在局域网发起攻击，绕过权限管控机制，降低中间人攻击的难度。	8.3	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release	distributedhardware_device_manager applications_hap security_device_auth	3.1.x 3.1.x 3.1.x	本项目组上报
OpenHarmony-SA-2022-1202	CVE-2022-41802	内核子系统kernel_liteos_a中系统调用SysClockGetres存在泄漏内核栈的漏洞。	攻击者可在本地发起攻击，导致编译器自动填充的4字节数据被误拷贝到用户空间，造成内核栈上泄漏4字节内容。	4.0	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS到OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	研究者上报
OpenHarmony-SA-2022-1203	CVE-2022-45126	内核子系统kernel_liteos_a中系统调用SysClockGettime存在泄漏内核栈的漏洞。	攻击者可在本地发起攻击，导致编译器自动填充的4字节数据被误拷贝到用户空间，造成内核栈上泄漏4字节内容。	4.0	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS到OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	研究者上报
OpenHarmony-SA-2022-1204	CVE-2022-43662	内核子系统kernel_liteos_a中系统调用SysTimerGettime存在泄漏内核栈的漏洞。	攻击者可在本地发起攻击，导致编译器自动填充的4字节数据被误拷贝到用户空间，造成内核栈上泄漏4字节内容。	4.0	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS到OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	研究者上报
OpenHarmony-SA-2022-1205	CVE-2022-44455	appspawn and nwebspawn服务对输入缺少校验，存在内存溢出漏洞。	攻击者可在本地发起攻击，恶意应用可以提升权限或造成应用崩溃。	6.8	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	startup_appspawn	3.1.x 3.0.x	本项目组上报
OpenHarmony-SA-2022-1206	CVE-2022-45118	通信子系统telephony发送公共事件时带有个人数据，但缺少权限设置。	攻击者可在本地发起攻击，恶意应用可以无权限监听广播获取手机号、短信数据等信息。	6.2	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release	telephony_state_registry telephony_sms_mms	3.1.x 3.1.x	本项目组上报

以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。

CVE	严重程度	受影响的OpenHarmony版本	修复链接
CVE-2022-20422	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3303	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42703	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41222	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3239	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20423	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41850	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3586	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3625	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42432	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3633	低	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3635	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3629	低	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3623	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3646	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3621	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3567	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-43750	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3545	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3523	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-2602	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3628	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-40768	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3566	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3577	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3606	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3649	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3564	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20409	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41849	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20421	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3435	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42719	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42720	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42721	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42722	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41674	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3535	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3521	低	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3524	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3534	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3542	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release	3.1.x
CVE-2022-3565	中	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3594	高	OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x

Security Vulnerabilities in December 2022

published December 6,2022
updated December 6,2022

Vulnerability ID	related Vulnerability	Vulnerability Description	Vulnerability Impact	CVSS3.1 Base Score	affected versions	affected projects	fix link	reference
OpenHarmony-SA-2022-1201	CVE-2022-45877	PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks.	Network attackers can bypass the authentication, which reduces the difficulty of man-in-the-middle attacks.	8.3	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release	distributedhardware_device_manager applications_hap security_device_auth	3.1.x 3.1.x 3.1.x	Reported by OpenHarmony Team
OpenHarmony-SA-2022-1202	CVE-2022-41802	Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres.	4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.	4.0	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS through OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	Reported by Researchers
OpenHarmony-SA-2022-1203	CVE-2022-45126	Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.	4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.	4.0	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS through OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	Reported by Researchers
OpenHarmony-SA-2022-1204	CVE-2022-43662	Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime.	4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.	4.0	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-LTS through OpenHarmony-v1.1.5-LTS	kernel_liteos_a	3.1.x 3.0.x 1.1.x	Reported by Researchers
OpenHarmony-SA-2022-1205	CVE-2022-44455	The appspawn and nwebspawn services were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation.	An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash.	6.8	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	startup_appspawn	3.1.x 3.0.x	Reported by OpenHarmony Team
OpenHarmony-SA-2022-1206	CVE-2022-45118	Telephony in communication subsystem sends public events with personal data, but the permission is not set.	Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.	6.2	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release	telephony_state_registry telephony_sms_mms	3.1.x 3.1.x	Reported by OpenHarmony Team

The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.

CVE	severity	affected OpenHarmony versions	fix link
CVE-2022-20422	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3303	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42703	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41222	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3239	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20423	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41850	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3586	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3625	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42432	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3633	Low	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3635	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3629	Low	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3623	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3646	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3621	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3567	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-43750	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3545	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3523	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-2602	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3628	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-40768	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3566	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3577	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3606	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3649	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3564	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20409	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41849	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-20421	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3435	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42719	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42720	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42721	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-42722	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-41674	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3535	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3521	Low	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3524	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3534	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3542	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release	3.1.x
CVE-2022-3565	Medium	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x
CVE-2022-3594	High	OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS	3.1.x 3.0.x