Vulnerabilities > Wire > Wire
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-27 | CVE-2020-27853 | Use of Externally-Controlled Format String vulnerability in Wire products Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. | 7.5 |
2020-10-16 | CVE-2020-15258 | Improper Input Validation vulnerability in Wire In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. | 6.0 |
2018-03-22 | CVE-2018-8909 | Path Traversal vulnerability in Wire The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala. | 5.0 |