CVE-2023-48221
CVSS V2 None
CVSS V3 None
Description
wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 & 9.3.5 and is already included on all Wire products. No known workarounds are available.
Overview
- CVE ID
- CVE-2023-48221
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-20T17:18:19.030Z
- Last Modified Date
- 2023-11-20T17:18:19.030Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/wireapp/wire-avs/security/advisories/GHSA-m4xg-fcr3-w3pq | x_refsource_CONFIRM |
| https://github.com/wireapp/wire-avs/commit/364c3326a1331a84607bce2e17126306d39150cd | x_refsource_MISC |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-48221 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48221 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 23:41:40 | Added to TrackCVE |