Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.
References
Link | Resource |
---|---|
https://github.com/wireapp/wire-ios/commit/7e3c30120066c9b10e50cc0d20012d0849c33a40 | Patch Third Party Advisory |
https://github.com/wireapp/wire-ios/pull/4879 | Patch Third Party Advisory |
https://github.com/wireapp/wire-ios/security/advisories/GHSA-7fg4-x8vj-qvxf | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-02-11T18:05:19
Updated: 2021-02-11T18:05:19
Reserved: 2020-12-22T00:00:00
Link: CVE-2021-21301
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-02-11T18:15:16.910
Modified: 2021-04-20T20:51:08.650
Link: CVE-2021-21301
JSON object: View
Redhat Information
No data.
CWE