CVE-2022-31009

Name of the Vulnerable Software and Affected Versions wire-ios versions prior to 3.100

Description The issue arises from invalid accent colors of Wire communication partners, which can cause the iOS Wire Client to crash multiple times on launch. These invalid accent colors can be sent between Wire users. The root cause is an unnecessary assert statement when converting an integer value into the corresponding enum value, causing an exception instead of a fallback to a default value.

Recommendations For versions prior to 3.100, upgrade to Wire for iOS 3.100 to resolve the issue. As a temporary workaround, consider using other Wire clients, such as the web app, to continue using Wire until the client can be upgraded.