CVE-2020-1909

Published: Nov 3, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in sequence, including receiving an animated sticker while placing a WhatsApp video call on hold.

Vendor	Product	Versions
Facebook	WhatsApp Business for iOS	affected `2.20.111` affected `unspecified - < 2.20.111` affected `2.20.81 - < unspecified`
Facebook	WhatsApp for iOS	affected `2.20.111` affected `unspecified - < 2.20.111` affected `2.20.81 - < unspecified`

Weaknesses (CWE)

CWE-416

References

https://www.whatsapp.com/security/advisories/2020/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-1909

Description

Affected Products

Weaknesses (CWE)

References