What is CVE-2022-31009?

CVE-2022-31009 is a medium-severity vulnerability in Wireapp Wire-ios, classified under Reachable Assertion. CVSS score: 5.7/10. Published 2022-06-23.

How severe is CVE-2022-31009?

Medium severity. CVSS v3 base score is 5.7 out of 10.

Vulnerability in Wireapp Wire-ios

CVE-2022-31009

wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid acce…

EPSS: 0.003 (49.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.7 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H.

Affected products

Wireapp Wire-ios — versions < 3.100

Weakness classification (CWE)

CWE-617 — Reachable Assertion

References

github.com/wireapp/wire-ios/security/advisories/GHSA-83m6-p7x5-925j (x_refsource_CONFIRM)
github.com/wireapp/wire-ios/commit/caa0e27dbe51f9edfda8c7a9f017d93b8cfddefb (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-31009?: CVE-2022-31009 is a medium-severity vulnerability in Wireapp Wire-ios, classified under Reachable Assertion. CVSS score: 5.7/10. Published 2022-06-23.
How severe is CVE-2022-31009?: Medium severity. CVSS v3 base score is 5.7 out of 10.