How severe is CVE-2022-23605?

This vulnerability has a severity rating of LOW with a CVSS score of 2.3 out of 10.

What type of vulnerability is CVE-2022-23605?

This is classified as CWE-212, which is a common weakness in software security.

CVE-2022-23605 - LOW Severity | CVSS 2.3

Vulnerability Description

Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions before 2022-01-27-production.0 ephemeral messages and assets might still be accessible through the local search functionality. Any attempt to view one of these message in the chat view will then trigger the deletion. This issue only affects locally stored messages. On premise instances of wire-webapp need to be updated to 2022-01-27-production.0, so that their users are no longer affected. There are no known workarounds for this issue.

Related Vulnerabilities

CVE-2024-41156

LOW

CVSS:2.7(Low)

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. P...

CWE-2122024

CVE-2020-9780

LOW

CVSS:3.3(Low)

The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher.

CWE-2122020

CVE-2022-22779

LOW

CVSS:3.7(Low)

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and p...

CWE-2122022

CVE-2025-48708

MEDIUM

CVSS:4.0(Medium)

gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.

CWE-2122025

CVE-2022-1650

CRITICAL

CVSS:9.3(Critical)

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.

CWE-2122022

CVE-2020-11684

CRITICAL

CVSS:9.1(Critical)

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these...

CWE-2122020