CVE-2023-44093

2023-10-1110:36:21

huawei

www.cve.org

vulnerability

package names

public keys

verification

service confidentiality

0.001 Low

EPSS

Percentile

37.3%

JSON

Vulnerability of package names’ public keys not being verified in the security module.Successful exploitation of this vulnerability may affect service confidentiality.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HarmonyOS",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "3.1.0"
      },
      {
        "status": "affected",
        "version": "3.0.0"
      },
      {
        "status": "affected",
        "version": "2.1.0"
      },
      {
        "status": "affected",
        "version": "2.0.1"
      },
      {
        "status": "affected",
        "version": "2.0.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EMUI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "13.0.0"
      },
      {
        "status": "affected",
        "version": "12.0.1"
      },
      {
        "status": "affected",
        "version": "12.0.0"
      },
      {
        "status": "affected",
        "version": "11.0.1"
      }
    ]
  }
]