OpenHarmony 2023年03月安全公告 Security Vulnerabilities in March 2023

7 Mar 2023

      2023年03月安全漏洞

发布于2023.03.07
最后更新于2023.03.07
漏洞编号

相关漏洞

漏洞描述

漏洞影响

CVSS3.1基础得分

受影响的版本

受影响的仓库

修复链接

参考链接

OpenHarmony-SA-2023-0301

CVE-2023-24465

WLAN组件子系统通信设备服务的一个接口，在接受外部数据时存在空指针引用。

本地攻击者利用此漏洞，可导致当前应用crash。

5.5

OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS 到 OpenHarmony-v3.0.7-LTS

communication_wifi

3.1.xhttps://gitee.com/openharmony/communication_wifi/pulls/788
3.0.xhttps://gitee.com/openharmony/communication_wifi/pulls/862

本项目组上报

OpenHarmony-SA-2023-0302

CVE-2023-25947

包管理模块存在安装hap包时没有做有效性判断的漏洞。

本地攻击者利用此漏洞构造非法数据，在安装hap包时可以导致系统无响应。

6.2

OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.4-Release

bundlemanager_bundle_framework

3.1.xhttps://gitee.com/openharmony/bundlemanager_bundle_framework/pulls/3094

本项目组上报

以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。
CVE

严重程度

受影响的OpenHarmony版本

修复链接

CVE-2022-47946

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-2196

低

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/665
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/666

CVE-2023-0047

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/631
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/632

CVE-2023-23559

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2022-3640

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/659
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/660

CVE-2022-47929

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/677
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/678

CVE-2023-0179

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-0394

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/677
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/678

CVE-2023-23454

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-23455

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-0590

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/687
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/688

CVE-2023-0615

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2023-0045

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2023-20938

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2022-3176

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/553
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/561

CVE-2023-0045

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/96
3.0.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/97

CVE-2022-3028

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/98
3.0.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/99

CVE-2020-36516

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/682

CVE-2022-3341

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/74
3.0.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/73
1.1.xhttps://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/19

CVE-2022-4450

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/80
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/81
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/82

CVE-2023-0286

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/83
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/85
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/86

CVE-2023-0215

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/83
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/85
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/86

CVE-2022-4304

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/87
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/88
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/89

CVE-2021-41751

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/101
3.0.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/102

CVE-2021-43453

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/103
3.0.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/104

CVE-2022-1304

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/third_party_e2fsprogs/pulls/51
3.0.xhttps://gitee.com/openharmony/third_party_e2fsprogs/pulls/52

CVE-2023-23914

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2023-23915

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2023-23916

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2020-35538

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_flutter/pulls/250
3.0.xhttps://gitee.com/openharmony/third_party_flutter/pulls/251

CVE-2022-37434

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_flutter/pulls/247
3.0.xhttps://gitee.com/openharmony/third_party_flutter/pulls/248

Security Vulnerabilities in Feburary 2023

published March 7,2023
updated March 7,2023
Vulnerability ID

related Vulnerability

Vulnerability Description

Vulnerability Impact

CVSS3.1 Base Score

affected versions

affected projects

fix link

reference

OpenHarmony-SA-2023-0301

CVE-2023-24465

Communication Wi-Fi subsystem has a null pointer reference vulnerability when receiving external data.

Local attackers can exploit this vulnerability to cause the current application to crash.

5.5

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

communication_wifi

3.1.xhttps://gitee.com/openharmony/communication_wifi/pulls/788
3.0.xhttps://gitee.com/openharmony/communication_wifi/pulls/862

Reported by OpenHarmony Team

OpenHarmony-SA-2023-0302

CVE-2023-25947

The bundle management subsystem has a improper input validation when installing a HAP package.

Local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

6.2

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release

bundlemanager_bundle_framework

3.1.xhttps://gitee.com/openharmony/bundlemanager_bundle_framework/pulls/3094

Reported by OpenHarmony Team

The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
CVE

severity

affected OpenHarmony versions

fix link

CVE-2022-47946

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-2196

Low

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/665
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/666

CVE-2023-0047

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/631
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/632

CVE-2023-23559

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2022-3640

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/659
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/660

CVE-2022-47929

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/677
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/678

CVE-2023-0179

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-0394

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/677
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/678

CVE-2023-23454

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-23455

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/661
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/662

CVE-2023-0590

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/687
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/688

CVE-2023-0615

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2023-0045

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2023-20938

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/696
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/697

CVE-2022-3176

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/553
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/561

CVE-2023-0045

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/96
3.0.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/97

CVE-2022-3028

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/98
3.0.xhttps://gitee.com/openharmony/kernel_linux_4.19/pulls/99

CVE-2020-36516

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/682

CVE-2022-3341

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/74
3.0.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/73
1.1.xhttps://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/19

CVE-2022-4450

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/80
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/81
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/82

CVE-2023-0286

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/83
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/85
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/86

CVE-2023-0215

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/83
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/85
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/86

CVE-2022-4304

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/87
3.0.xhttps://gitee.com/openharmony/third_party_openssl/pulls/88
1.1.xhttps://gitee.com/openharmony/third_party_openssl/pulls/89

CVE-2021-41751

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/101
3.0.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/102

CVE-2021-43453

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/103
3.0.xhttps://gitee.com/openharmony/third_party_jerryscript/pulls/104

CVE-2022-1304

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/third_party_e2fsprogs/pulls/51
3.0.xhttps://gitee.com/openharmony/third_party_e2fsprogs/pulls/52

CVE-2023-23914

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2023-23915

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2023-23916

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.0.1-release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/110
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/111
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/112

CVE-2020-35538

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_flutter/pulls/250
3.0.xhttps://gitee.com/openharmony/third_party_flutter/pulls/251

CVE-2022-37434

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.6-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.8-LTS

3.1.xhttps://gitee.com/openharmony/third_party_flutter/pulls/247
3.0.xhttps://gitee.com/openharmony/third_party_flutter/pulls/248

Liuxu (louis)

tags

participants (1)