Please check Wire's global SECURITY.md.
Security: wireapp/wire-webapp
Security
SECURITY.md
-
Insufficient Session Invalidation after User LogoutGHSA-7r6m-qjwm-w44q published
May 22, 2025 by sanojwrModerate -
No database deletion on client logoutGHSA-qc6c-2hh8-qfh8 published
May 22, 2025 by sanojwrModerate -
DoS vulnerability: Markdown RenderingGHSA-v5mf-358q-w7m4 published
Jan 26, 2023 by comawillModerate -
Cross Site Scripting in Wire MessagesGHSA-jgv3-4j56-fvh6 published
Jun 23, 2022 by comawillCritical -
Cross Site Scripting in Wire MessagesGHSA-5568-rfh8-vmhq published
Apr 20, 2022 by comawillCritical -
Expired Ephemeral Messages not reliably removed from local chat historyGHSA-2w3m-ppfg-hg62 published
Feb 2, 2022 by comawillModerate -
XSS through createObjectURLGHSA-382j-mmc8-m5rw published
Jun 15, 2021 by franziskuskieferHigh -
Entering code in App Lock modal sends input to conversationGHSA-cxwr-f2j3-q8hp published
Mar 24, 2021 by franziskuskieferHigh -
No modal on middle mouse clickGHSA-mp56-pqwj-hrfj published
Oct 9, 2020 by franziskuskieferModerate
Learn more about advisories related to wireapp/wire-webapp in the GitHub Advisory Database