漏洞标题
DDoS漏洞:无效口音颜色
漏洞描述信息
DoS漏洞:无效的重音颜色
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
DoS vulnerability: Invalid Accent Colors
漏洞描述信息
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The root cause was an unnecessary assert statement when converting an integer value into the corresponding enum value, causing an exception instead of a fallback to a default value. This issue is fixed in [wire-ios](https://github.com/wireapp/wire-ios/commit/caa0e27dbe51f9edfda8c7a9f017d93b8cfddefb) and in Wire for iOS 3.100. There is no workaround available, but users may use other Wire clients (such as the [web app](https://app.wire.com)) to continue using Wire, or upgrade their client.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
漏洞类别
可达断言
漏洞标题
Wire 安全漏洞
漏洞描述信息
Wire是德国Wire公司的一款聊天软件。该软件支持 Web、WindowsiOS、Android、OS X 平台,有群组功能,可以语音通话,发送照片以及其独创性的打招呼方式 PING。 Wire-ios存在安全漏洞,该漏洞源于应用中的无效强调色可能会导致iOS Wire 客户端在启动多次发生崩溃。
CVSS信息
N/A
漏洞类别
其他