VYPR
Medium severity6.5NVD Advisory· Published Jun 3, 2021· Updated Jun 17, 2026

CVE-2021-32666

CVE-2021-32666

Description

wire-ios is the iOS version of Wire, an open-source secure messaging app. In wire-ios versions 3.8.0 and prior, a vulnerability exists that can cause a denial of service between users. If a user has an invalid assetID for their profile picture and it contains the " character, it will cause the iOS client to crash. The vulnerability is patched in wire-ios version 3.8.1.

Affected products

2
  • Wordapp/Wire Iosllm-create2 versions
    <=3.8.0+ 1 more
    • (no CPE)range: <=3.8.0
    • (no CPE)range: <= 3.8.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.