|OpenHarmony-SA-2022-0701 | NA | The bluetooth in communication subsystem has a DoS vulnerability. | Local attackers can trigger a large loop and crash the process. |OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS|communication_bluetooth| [3.0.x](https://gitee.com/openharmony/communication_bluetooth/pulls/179) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0702 | NA | The updater in update subsystem has a null pointer reference vulnerability. | Local attackers can input a nullptr and crash the process. |OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS|update_updater| [3.0.x](https://gitee.com/openharmony/update_updater/pulls/101) |Reported by OpenHarmony Team|
|OpenHarmony-SA-2022-0703 | NA | The dsoftbus in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". | Local attackers can bypass authentication and get system control. |OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS|communication_dsoftbus| [3.0.x](https://gitee.com/openharmony/communication_dsoftbus/pulls/142) |Reported by OpenHarmony Team|
### The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
| CVE-2022-1292 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/third_party_openssl/pulls/48)<br/>[3.1.x](https://gitee.com/openharmony/third_party_openssl/pulls/49) |
| CVE-2022-27781 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release<br/>OpenHarmony-v1.1.0-Release through OpenHarmony-v1.1.4-LTS |[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/63)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/61)<br/>[1.1.x](https://gitee.com/openharmony/third_party_curl/pulls/60) |
| CVE-2022-27782 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release<br/>OpenHarmony-v1.1.0-Release through OpenHarmony-v1.1.4-LTS |[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/63)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/61)<br/>[1.1.x](https://gitee.com/openharmony/third_party_curl/pulls/60) |
| CVE-2022-0168 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/218)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2022-0330 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/218)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2022-0001 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/202)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2022-0002 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/202)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2022-23960 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/201)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2022-0322 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/201) |
| CVE-2021-32078 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/198) |
| CVE-2021-38205 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/198) |
| CVE-2021-38166 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/198) |
| CVE-2021-42739 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/198) |
| CVE-2022-0854 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/194) |
| CVE-2022-23037 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23039 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23040 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23038 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23041 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23042 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-23036 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/190) |
| CVE-2022-0998 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS<br/>OpenHarmony-v3.1-Release |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/181)<br/>[3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/214) |
| CVE-2021-4203 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/180) |
| CVE-2021-39633 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/180) |
| CVE-2021-46283 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/180) |
| CVE-2021-4149 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/180) |
| CVE-2021-4204 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/163) |
| CVE-2021-3640 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-3669 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-3759 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-3752 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2020-27820 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-43976 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-43975 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-4001 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-4002 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-4037 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2020-12363 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2020-12364 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/152) |
| CVE-2021-39685 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-4083 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-45095 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-44733 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-45469 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-4197 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-45480 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-4155 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |
| CVE-2021-4202 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS |[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/144) |