Sign in
Sign up
Explore
Enterprise
Education
Search
Help
Terms of use
About Us
Explore
Enterprise
Education
Gitee Premium
Gitee AI
AI teammates
Sign in
Sign up
Fetch the repository succeeded.
description of repo status
Donate
Please sign in before you donate.
Cancel
Sign in
Scan WeChat QR to Pay
Cancel
Complete
Prompt
Switch to Alipay.
OK
Cancel
Watch
Unwatch
Watching
Releases Only
Ignoring
16
Star
66
Fork
150
OpenHarmony
/
third_party_mbedtls
Closed
Code
Issues
0
Pull Requests
1
Wiki
Insights
Pipelines
Service
JavaDoc
PHPDoc
Quality Analysis
Jenkins for Gitee
Tencent CloudBase
Tencent Cloud Serverless
悬镜安全
Aliyun SAE
Codeblitz
SBOM
Don’t show this again
Update failed. Please try again later!
Remove this flag
Content Risk Flag
This task is identified by
as the content contains sensitive information such as code security bugs, privacy leaks, etc., so it is only accessible to contributors of this repository.
【版本号:1.1.3】组件mbed tls 2.16.8存在4个未修复漏洞
Done
#I4AJ6T
安全问题
张杰
Opened this issue
2021-09-17 16:06
【模块名_概率】简要描述: 【OpenHarmony】【版本号:1.1.3】组件mbed tls 2.16.8存在4个未修复漏洞 【环境信息】:3516;3518 软件版本信息或tag节点 【预置条件】: 【测试步骤】: 1、 将软件版本上传到安全测试云使用Secbinaycheck进行扫描 release版本: LTS_L1_Aries_hi3518-copy-release-3518: version url: http://download.ci.openharmony.cn/version/Release_Version/OpenHarmony_release_1.0.1.005/20210915_001709/version-Release_Version-OpenHarmony_release_1.0.1.005-20210915_001709-hispark_aries.tar.gz LTS_L1_Taurus_hi3516-copy-release-3516: version url: http://download.ci.openharmony.cn/version/Release_Version/OpenHarmony_release_1.0.1.005/20210915_001114/version-Release_Version-OpenHarmony_release_1.0.1.005-20210915_001114-hispark_taurus.tar.gz 2、 查看扫描结果是否有组件存在未修复的漏洞 【预期结果】: 2、 不存在未修复的漏洞 【实际结果】: 2、 组件mbed tls 2.16.8存在4个未修复漏洞 【恢复手段】: 【出现概率】:问题出现次数/实际测试次数 3/3 【定位信息】: Component Version CVE CVSS Version CVSS mbed tls 2.16.8 CVE-2021-24119 3.0 4.9 mbed tls 2.16.8 CVE-2020-36475 3.0 7.5 mbed tls 2.16.8 CVE-2020-36477 3.0 5.9 mbed tls 2.16.8 CVE-2020-36478 3.0 7.5
【模块名_概率】简要描述: 【OpenHarmony】【版本号:1.1.3】组件mbed tls 2.16.8存在4个未修复漏洞 【环境信息】:3516;3518 软件版本信息或tag节点 【预置条件】: 【测试步骤】: 1、 将软件版本上传到安全测试云使用Secbinaycheck进行扫描 release版本: LTS_L1_Aries_hi3518-copy-release-3518: version url: http://download.ci.openharmony.cn/version/Release_Version/OpenHarmony_release_1.0.1.005/20210915_001709/version-Release_Version-OpenHarmony_release_1.0.1.005-20210915_001709-hispark_aries.tar.gz LTS_L1_Taurus_hi3516-copy-release-3516: version url: http://download.ci.openharmony.cn/version/Release_Version/OpenHarmony_release_1.0.1.005/20210915_001114/version-Release_Version-OpenHarmony_release_1.0.1.005-20210915_001114-hispark_taurus.tar.gz 2、 查看扫描结果是否有组件存在未修复的漏洞 【预期结果】: 2、 不存在未修复的漏洞 【实际结果】: 2、 组件mbed tls 2.16.8存在4个未修复漏洞 【恢复手段】: 【出现概率】:问题出现次数/实际测试次数 3/3 【定位信息】: Component Version CVE CVSS Version CVSS mbed tls 2.16.8 CVE-2021-24119 3.0 4.9 mbed tls 2.16.8 CVE-2020-36475 3.0 7.5 mbed tls 2.16.8 CVE-2020-36477 3.0 5.9 mbed tls 2.16.8 CVE-2020-36478 3.0 7.5
Comments (
0
)
Sign in
to comment
Status
Done
Backlog
Confirmed
技术评审中
Fixing
验收中
Done
Canceled
Declined
挂起
Assignees
Not set
Labels
Integration_Test
Not set
Projects
Unprojected
Unprojected
Milestones
No related milestones
No related milestones
Pull Requests
None yet
None yet
Successfully merging a pull request will close this issue.
Branches
No related branch
Branches (237)
Tags (60)
master
OpenHarmony-5.0.3-Release
OpenHarmony-6.0-Release
weekly_20250811
weekly_20250818
weekly_20250825
weekly_20250901
weekly_20250908
weekly_20250728
weekly_20250804
weekly_20250721
weekly_20250714
OpenHarmony-6.0-Beta1
OpenHarmony_feature_20250702
OpenHarmony_feature_Release_20250728
weekly_20250519
weekly_20250526
weekly_20250602
weekly_20250609
weekly_20250616
weekly_20250623
weekly_20250630
weekly_20250707
weekly_20250512
OpenHarmony-5.1.0-Release
OpenHarmony_feature_20250327
OpenHarmony_feature_20250328
OpenHarmony_feature_20250424
OpenHarmony_feature_Release_20250411
OpenHarmony_feature_release_20250603
OpenHarmony_foundation_20250415
OpenHarmony_foundation_release_20250415
weekly_20250310
weekly_20250317
weekly_20250324
weekly_20250331
weekly_20250407
weekly_20250414
weekly_20250421
weekly_20250428
weekly_20250505
weekly_20250113
weekly_20250120
weekly_20250127
weekly_20250203
weekly_20250210
weekly_20250217
weekly_20250224
weekly_20250303
weekly_20241230
weekly_20250106
weekly_20241202
weekly_20241209
weekly_20241216
weekly_20241223
OpenHarmony-5.0.1-Release
OpenHarmony-5.0.2-Release
OpenHarmony_debug_20250219
OpenHarmony_debug_20250224
OpenHarmony_debug_20250227
OpenHarmony_UIPlugin_20250323
OpenHarmony_feature_202401017
OpenHarmony_feature_20241108
OpenHarmony_feature_20241121
weekly_20241014
weekly_20241021
weekly_20241028
weekly_20241104
weekly_20241111
weekly_20241118
weekly_20241125
OpenHarmony-5.0-Release
OpenHarmony-5.0.0-Release
OpenHarmony_debug_20240926
weekly_20240916
weekly_20240923
weekly_20240930
weekly_20241007
weekly_20240909
OpenHarmony-4.1-Release
OpenHarmony_debug_20240815
OpenHarmony_debug_20240822
weekly_20240812
weekly_20240819
weekly_20240826
weekly_20240902
weekly_20240722
weekly_20240729
weekly_20240805
revert-merge-114-master
OpenHarmony_ArkUI_Upstream_2024
OpenHarmony_debug_20240717
OpenHarmony-5.0-Beta1
OpenHarmony_debug_20240603
OpenHarmony_debug_20240606
OpenHarmony_debug_20240704
kernel_from_master0513_20240515
kernel_from_weekly0422_20240511
weekly_20240422
weekly_20240429
weekly_20240506
weekly_20240513
weekly_20240520
weekly_20240527
weekly_20240603
weekly_20240610
weekly_20240617
weekly_20240624
weekly_20240701
weekly_20240708
weekly_20240715
weekly_20240325
weekly_20240401
weekly_20240408
weekly_20240415
OpenHarmony-4.0-Release
weekly_20240304
weekly_20240311
weekly_20240318
weekly_20240101
weekly_20240108
weekly_20240115
weekly_20240122
weekly_20240129
weekly_20240205
weekly_20240212
weekly_20240219
weekly_20240226
OpenHarmony-4.1-Beta1
weekly_20231127
weekly_20231204
weekly_20231211
weekly_20231218
weekly_20231225
weekly_20231120
weekly_20231114
weekly_20231024
weekly_20231031
weekly_20231107
weekly_20230822
weekly_20230829
weekly_20230905
weekly_20230912
weekly_20230919
weekly_20230926
weekly_20231003
weekly_20231010
weekly_20231017
monthly_20230815
weekly_20230815
weekly_20230808
OpenHarmony-4.0-Beta2
weekly_20230704
weekly_20230712
weekly_20230725
weekly_20230801
weekly_20230606
weekly_20230613
weekly_20230619
weekly_20230626
weekly_20230627
weekly_20230530
OpenHarmony-3.0-LTS
OpenHarmony-3.2-Release
OpenHarmony-4.0-Beta1
weekly_20230411
weekly_20230418
weekly_20230425
weekly_20230502
weekly_20230509
weekly_20230516
weekly_20230523
OpenHarmony-3.1-Release
OpenHarmony-3.2-Beta5
monthly_20221018
weekly_20230124
weekly_20230131
weekly_20230207
weekly_20230214
weekly_20230221
weekly_20230228
weekly_20230307
weekly_20230314
weekly_20230321
weekly_20230328
weekly_20230404
weekly_20230117
weekly_20230110
OpenHarmony-3.2-Beta4
weekly_20221018
weekly_20221025
weekly_20221101
weekly_20221108
weekly_20221115
weekly_20221122
weekly_20221129
weekly_20221206
weekly_20221213
weekly_20221220
weekly_20221227
weekly_20230103
OpenHarmony-3.2-Beta3
weekly_20221011
feature_IDL_20220811
monthly_20220816
OpenHarmony-3.2-Beta2
weekly_20220621
weekly_20220628
monthly_20220614
OpenHarmony_filemanager_develop_20220614
weekly_20220524
weekly_20220531
weekly_20220607
weekly_20220614
OpenHarmony-3.1-API8-SDK-Public
OpenHarmony-3.2-Beta1
OpenHarmony_filemanager_develop_20220505
weekly_20220406
weekly_20220412
weekly_20220419
weekly_20220426
weekly_20220503
weekly_20220510
OpenHarmony-3.1-API9-SDK-Canary
weekly_20220125
weekly_20220201
weekly_20220208
weekly_20220215
weekly_20220222
weekly_20220301
OpenHarmony-2.2-Beta2
weekly_20220105
weekly_20220111
weekly_20220118
OpenHarmony_1.0.1_release
OpenHarmony-3.1-Beta
OpenHarmony-v2.2-Beta
OpenHarmony-v6.0-Release
OpenHarmony-v6.0-Beta1
OpenHarmony-v4.1.4-Release
OpenHarmony-v5.1.0-Release
OpenHarmony-v5.0.3-Release
OpenHarmony-v4.1.3-Release
OpenHarmony-v5.0.2-Release
OpenHarmony-v4.1.2-Release
OpenHarmony-v5.0.1-Release
OpenHarmony-v4.0.4-Release
OpenHarmony-v5.0.0-Release
OpenHarmony-v4.0.3-Release
OpenHarmony-v4.0.2-Release
OpenHarmony-v5.0-Beta1
OpenHarmony-v4.0.1-Release
OpenHarmony-v4.1-Release
OpenHarmony-v4.1.1-Release
master-v
weekly_20240115-v
OpenHarmony-v4.1-Beta1
OpenHarmony-v4.0-Release
OpenHarmony-v4.0-Beta2
OpenHarmony-v3.2.1-Release
OpenHarmony-v3.2.2-Release
OpenHarmony-v3.2.3-Release
OpenHarmony-v3.2.4-Release
OpenHarmony-v3.2-Release
OpenHarmony-v4.0-Beta1
OpenHarmony-v3.1.7-Release
OpenHarmony-v3.2-Beta5
OpenHarmony-v3.2-Beta4
OpenHarmony-v3.2-Beta3
OpenHarmony-v3.2-Beta2
OpenHarmony-v3.1.1-Release
OpenHarmony-v3.1.2-Release
OpenHarmony-v3.1.3-Release
OpenHarmony-v3.1.4-Release
OpenHarmony-v3.1.5-Release
OpenHarmony-v3.1.6-Release
OpenHarmony-v3.2-Beta1
OpenHarmony-v3.1-Release
OpenHarmony-v3.0.2-LTS
OpenHarmony-v3.0.3-LTS
OpenHarmony-v3.0.5-LTS
OpenHarmony-v3.0.6-LTS
OpenHarmony-v3.0.7-LTS
OpenHarmony-v3.0.8-LTS
OpenHarmony-v1.1.4-LTS
OpenHarmony-v1.1.5-LTS
OpenHarmony-v3.1-Beta
OpenHarmony-v3.0.1-LTS
OpenHarmony-v3.0-LTS
OpenHarmony-v3.0-Beta1
OpenHarmony-v2.2-Beta2
OpenHarmony_release_v1.1.0
OpenHarmony-2.0-Canary
OpenHarmony-v1.1.1-LTS
OpenHarmony-v1.1.2-LTS
OpenHarmony-v1.1.3-LTS
OpenHarmony-1.0
Planed to start - Planed to end
-
Top level
Not Top
Top Level: High
Top Level: Medium
Top Level: Low
Priority
Not specified
Serious
Main
Secondary
Unimportant
Duration
(hours)
参与者(1)
1
https://gitee.com/openharmony/third_party_mbedtls.git
git@gitee.com:openharmony/third_party_mbedtls.git
openharmony
third_party_mbedtls
third_party_mbedtls
Going to Help Center
Search
Git 命令在线学习
如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
Comment
Repository Report
Back to the top
Login prompt
This operation requires login to the code cloud account. Please log in before operating.
Go to login
No account. Register
