CVE-2020-1902

CVE-2020-1902

Vendor Facebook

Product WhatsApp for Android

Weakness CWE-200 · Info exposure

Published October 6, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.

Key dates

02Disclosure timeline

October 6, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-1902 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

Identifiers

CVE CVE-2020-1902

CWE CWE-200

Affected versions

Vendor Facebook

Product WhatsApp for Android

Affected 2.20.140

Vendor Facebook

Product WhatsApp for Android

Affected ≥ unspecified and < 2.20.140

Vendor Facebook

Product WhatsApp Business for Android

Affected 2.20.49

Vendor Facebook

Product WhatsApp Business for Android

Affected ≥ unspecified and < 2.20.49

01Description

02Disclosure timeline

03References

04Related CVE