CVE-2020-1903

CVE-2020-1903

Vendor Facebook

Product WhatsApp for iOS

Weakness CWE-400

Published October 6, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have resulted in an out-of-memory denial of service. This issue would have required the receiver to explicitly open the attachment if it was received from a number not in the receiver's WhatsApp contacts.

Key dates

02Disclosure timeline

October 6, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-1903 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/400.html

Related vulnerabilities

Identifiers

CVE CVE-2020-1903

CWE CWE-400

Affected versions

Vendor Facebook

Product WhatsApp for iOS

Affected 2.20.61

Vendor Facebook

Product WhatsApp for iOS

Affected ≥ unspecified and < 2.20.61

Vendor Facebook

Product WhatsApp Business for iOS

Affected 2.20.61

Vendor Facebook

Product WhatsApp Business for iOS

Affected ≥ unspecified and < 2.20.61

01Description

02Disclosure timeline

03References

04Related CVE