Описание
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions,
OpenHarmony-v3.0.7 and prior versions
has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0 (включая) до 3.0.7 (включая)Версия от 3.1 (включая) до 3.1.5 (включая)
Одно из
cpe:2.3:o:openatom:openharmony:*:*:*:*:lts:*:*:*
cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*
EPSS
Процентиль: 7%
0.00026
Низкий
4 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-843
CWE-843
Связанные уязвимости
CVSS3: 5.5
github
почти 3 года назад
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.
EPSS
Процентиль: 7%
0.00026
Низкий
4 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-843
CWE-843