Описание
wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 & 9.3.5 and is already included on all Wire products. No known workarounds are available.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.2.22 (исключая)Версия от 9.3.0 (включая) до 9.3.5 (включая)
Одно из
cpe:2.3:a:wire:audio\,_video\,_and_signaling:*:*:*:*:*:*:*:*
cpe:2.3:a:wire:audio\,_video\,_and_signaling:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00894
Низкий
7.3 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-134
EPSS
Процентиль: 75%
0.00894
Низкий
7.3 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-134