漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Expired Ephemeral Messages not reliably removed in wire-webapp
Vulnerability Description
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions before 2022-01-27-production.0 ephemeral messages and assets might still be accessible through the local search functionality. Any attempt to view one of these message in the chat view will then trigger the deletion. This issue only affects locally stored messages. On premise instances of wire-webapp need to be updated to 2022-01-27-production.0, so that their users are no longer affected. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
敏感数据的不恰当跨边界移除
Vulnerability Title
Wire 安全漏洞
Vulnerability Description
Wire是个人开发者的一款聊天软件。该软件支持 Web、WindowsiOS、Android、OS X 平台,有群组功能,可以语音通话,发送照片以及其独创性的打招呼方式 PING。 Wire webapp 存在安全漏洞,该漏洞源于没有可靠地从Wire Webapp的本地聊天历史中删除0个过期的临时消息,临时消息和资产仍然可以通过本地搜索功能访问。任何在聊天视图中查看这些消息的尝试都会触发删除。
CVSS Information
N/A
Vulnerability Type
N/A