wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are currently no known workarounds.
References
Link | Resource |
---|---|
https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe | Patch Third Party Advisory |
https://github.com/wireapp/wire-avs/security/advisories/GHSA-2j6v-xpf3-xvrv | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-03-01T18:25:22
Updated: 2022-03-01T18:25:22
Reserved: 2021-09-15T00:00:00
Link: CVE-2021-41193
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-01T19:15:08.403
Modified: 2022-03-09T14:39:04.040
Link: CVE-2021-41193
JSON object: View
Redhat Information
No data.
CWE