代码拉取完成,页面将自动刷新
published September 6,2022
updated October 27,2022
| Vulnerability ID | related Vulnerability | Vulnerability Description | Vulnerability Impact | CVSS3.1 Base Score | affected versions | affected projects | fix link | reference |
|---|---|---|---|---|---|---|---|---|
| OpenHarmony-SA-2022-0901 | CVE-2022-36423 | Incorrect configuration of the cJSON library lead a Stack overflow vulnerability during recursive parsing. | LAN attackers can lead a DoS attack to all network devices. | 7.4 | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-LTS through OpenHarmony-v1.1.5-LTS |
third_party_cJSON |
3.1.x 3.1.x 3.0.x 3.0.x 1.1.x 1.1.x |
Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0902 | CVE-2022-38081 | Tokensync in security subsystem has a permission bypass vulnerability. | LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system. | 6.2 | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release | security_access_token | 3.1.x | Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0903 | CVE-2022-38701 | IPC in communication subsystem has a heap overflow vulnerability. | Local attackers can trigger a heap overflow and get network sensitive information. | 6.2 | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
communication_dsoftbus |
3.1.x 3.0.x |
Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0904 | CVE-2022-38064 | windowmanager in window subsystem has a permission bypass vulnerability. | Local attackers can bypass permission control and get sensitive information. | 6.2 | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release | windowmanager | 3.1.x | Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0905 | CVE-2022-38700 | multimedia subsystem has a permission bypass vulnerability. | LAN attackers can bypass permission control and get control of camera service. | 8.8 | OpenHarmony-v3.1-Release | multimedia_camera_framework | 3.1.x | Reported by OpenHarmony Team |
| CVE | severity | affected OpenHarmony versions | fix link |
|---|---|---|---|
| CVE-2022-34918 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-33981 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-33743 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-33742 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-33741 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-33740 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-32981 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32296 | Low | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32250 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-29582 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-27666 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | 3.0.x |
| CVE-2022-26365 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-2380 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-2318 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-2153 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-21499 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-21166 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-21125 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-21123 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-20154 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-20153 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-20141 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-20132 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-20009 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | 3.0.x |
| CVE-2022-1998 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1975 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1972 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1852 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-1836 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1789 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-1652 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2022-1508 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1205 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1204 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1198 | Medium | OpenHarmony-v3.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |
3.1.x 3.0.x |
| CVE-2022-0644 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2021-45868 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | 3.0.x |
| CVE-2021-4135 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2021-33061 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2021-28713 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2021-28712 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2021-28711 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS | 3.0.x |
| CVE-2021-26401 | Medium | OpenHarmony-v3.1-Release | 3.1.x |
| CVE-2022-37434 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.1-LTS through OpenHarmony-v1.1.5-LTS |
3.1.x 3.0.x 1.1.x |
| CVE-2022-1587 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-1586 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-2097 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-2068 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30789 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30788 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30787 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30786 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30785 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30784 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-30783 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2021-46790 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-32215 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-32213 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-32212 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-2097 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2021-46822 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release | 3.1.x |
| CVE-2022-2122 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1925 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1924 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1923 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1922 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1921 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-1920 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-34835 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-30767 | Critical | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-30552 | High | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32208 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32207 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32206 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
| CVE-2022-32205 | Medium | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS |
3.1.x 3.0.x |
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。