CVE-2020-1894

CVE-2020-1894

Vendor Facebook

Product WhatsApp Android

Weakness CWE-787

Published September 3, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A stack write overflow in WhatsApp for Android prior to v2.20.35, WhatsApp Business for Android prior to v2.20.20, WhatsApp for iPhone prior to v2.20.30, and WhatsApp Business for iPhone prior to v2.20.30 could have allowed arbitrary code execution when playing a specially crafted push to talk message.

Key dates

02Disclosure timeline

September 3, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-1894 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2020-1894

CWE CWE-787

Affected versions

Vendor Facebook

Product WhatsApp Android

Affected 2.20.35

Vendor Facebook

Product WhatsApp Android

Affected ≥ unspecified and < 2.20.35

Vendor Facebook

Product WhatsApp Business for Android

Affected 2.20.20

Vendor Facebook

Product WhatsApp Business for Android

Affected ≥ unspecified and < 2.20.20

Vendor Facebook

Product WhatsApp iPhone

Affected 2.20.30

Vendor Facebook

Product WhatsApp iPhone

Affected ≥ unspecified and < 2.20.30

Vendor Facebook

Product WhatsApp Business for iPhone

Affected 2.20.30

Vendor Facebook

Product WhatsApp Business for iPhone

Affected ≥ unspecified and < 2.20.30

01Description

02Disclosure timeline

03References

04Related CVE