CVE-2020-1906

🗓️ 06 Oct 2020 17:35:26Reported by facebookType

A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with E-AC-3 audio streams

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2020-1906	6 Oct 202017:35	–	cvelist
EUVD	EUVD-2020-12732	7 Oct 202500:30	–	euvd
NVD	CVE-2020-1906	6 Oct 202018:15	–	nvd
Prion	Buffer overflow	6 Oct 202018:15	–	prion
RedhatCVE	CVE-2020-1906	22 May 202516:27	–	redhatcve

NVD

Node

whatsapp whatsappRange<2.20.130android

whatsapp whatsapp_businessRange<2.20.46android

[
  {
    "product": "WhatsApp for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.20.130"
      },
      {
        "lessThan": "2.20.130",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp Business for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.20.46"
      },
      {
        "lessThan": "2.20.46",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
whatsapp	www.whatsapp.com/security/advisories/2020/

21 Nov 2024 05:11Current

7.7High risk

Vulners AI Score7.7

CVSS 24.6

CVSS 3.17.8

EPSS0.0021