CVE-2022-36423
7.4
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OpenHarmony | OpenHarmony | OpenHarmony-v3.1.x-Release <= 3.1.2 | affected |
| OpenHarmony | OpenHarmony | OpenHarmony-v3.0.x-LTS <= 3.0.5 | affected |
| OpenHarmony | OpenHarmony | OpenHarmony-v1.1.x-LTS <= 1.1.5 | affected |
Weaknesses
- CWE-16: CWE-16 Configuration
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.