CVE-2018-6350

🗓️ 14 Jun 2019 17:02:57Reported by facebookType

Out-of-bounds read in WhatsApp due to RTP extension headers parsin

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2018-6350	14 Jun 201917:02	–	cvelist
EUVD	EUVD-2018-18108	7 Oct 202500:30	–	euvd
NVD	CVE-2018-6350	14 Jun 201917:29	–	nvd
OSV	CVE-2018-6350	14 Jun 201917:29	–	osv
Prion	Design/Logic Flaw	14 Jun 201917:29	–	prion
RedhatCVE	CVE-2018-6350	9 Jan 202612:07	–	redhatcve

NVD

Node

whatsapp whatsappRange<2.18.99android

whatsapp whatsappRange<2.18.100.6iphone_os

whatsapp whatsappRange<2.18.224windows_phone

whatsapp whatsapp_businessRange<2.18.100.2iphone_os

whatsapp whatsapp_businessRange<2.18.276android

[
  {
    "product": "WhatsApp for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.276"
      },
      {
        "lessThan": "2.18.276",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp Business for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.99"
      },
      {
        "lessThan": "2.18.99",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.100.6"
      },
      {
        "lessThan": "2.18.100.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp Business for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.100.2"
      },
      {
        "lessThan": "2.18.100.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp for Windows Phone",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.224"
      },
      {
        "lessThan": "2.18.224",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
facebook	www.facebook.com/security/advisories/cve-2018-6350/
securityfocus	www.securityfocus.com/bid/108803

03 Sep 2025 17:36Current

8.7High risk

Vulners AI Score8.7

CVSS 27.5

CVSS 39.8

EPSS0.00412

CWE-125