CVE-2023-38538 MEDIUM

CVE-2023-38538

Vendor Facebook
Product WhatsApp Desktop for Mac
Published October 4, 2023
Last update September 19, 2024

CVSS base score

5.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C

What the vulnerability does

01Description

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.

Key dates

02Disclosure timeline

October 4, 2023 CVE published
September 19, 2024 Record updated