## 2023年05月安全漏洞
_发布于2023.05.09_<br/>
_最后更新于2023.05.09_

### 以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。
| CVE            | 严重程度 | CVSS 3.1得分 |受影响的仓库 | 受影响的OpenHarmony版本                                      | 修复链接                                                     |
| -------------- | -------- | ------------ |-------------| ------------------------------------------------------------ | ------------------------------------------------------------ |
| CVE-2021-36647 | 中       | 4.7 |third_party_mbedtls<br/>device_hisilicon_hispark_taurus| OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.0.x](https://gitee.com/openharmony/third_party_mbedtls/pulls/86)<br/>[3.0.x](https://gitee.com/openharmony/device_hisilicon_hispark_taurus/pulls/129) |
| CVE-2023-1382  | 中       | 5.5 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/804)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/805) |
| CVE-2023-0386  | 中       | 5.3 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/120) |
| CVE-2023-1281  | 高       | 7.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-28772 | 高       | 7.8 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/120) |
| CVE-2023-1637  | 低       | 3.3 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/120) |
| CVE-2021-3923  | 低       | 3.3 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/120) |
| CVE-2023-1380  | 高       | 7.1 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-1582  | 中       | 4.7 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/765)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/766) |
| CVE-2022-48434 | 高       | 8.1 |third_party_ffmpeg| OpenHarmony-v3.2-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_ffmpeg/pulls/81)<br/>[3.1.x](https://gitee.com/openharmony/third_party_ffmpeg/pulls/82)<br/>[3.0.x](https://gitee.com/openharmony/third_party_ffmpeg/pulls/83) |
| CVE-2023-1838  | 中       | 5.3 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/773)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/774) |
| CVE-2023-1838  | 中       | 5.3 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/124)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/125) |
| CVE-2023-1855  | 中       | 6.3 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-30456 | 高       | 7.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2022-45934 | 高       | 7.8 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/129)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/130) |
| CVE-2022-2978  | 高       | 7.8 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/121)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/122) |
| CVE-2022-29581 | 高       | 7.8 |kernel_linux_4.19| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/124)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_4.19/pulls/125) |
| CVE-2023-1989  | 高       | 7.0 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-1829  | 高       | 7.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-1990  | 中       | 4.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-1859  | 中       | 6.4 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/802)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/803) |
| CVE-2023-2004  | 中       | 5.3 |third_party_freetype| OpenHarmony-v3.2-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_freetype/pulls/51)<br/>[3.1.x](https://gitee.com/openharmony/third_party_freetype/pulls/52)<br/>[3.0.x](https://gitee.com/openharmony/third_party_freetype/pulls/53) |
| CVE-2023-2006  | 高       | 7.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/811)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/812) |
| CVE-2023-2008  | 高       | 7.8 |kernel_linux_5.10| OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/787)<br/>[3.0.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/788) |