CVE-2020-1890
N/A
N/A
Summary
A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WhatsApp for Android | 2.20.11 | affected | |
| WhatsApp for Android | unspecified < 2.20.11 | affected | |
| WhatsApp Business for Android | 2.20.2 | affected | |
| WhatsApp Business for Android | unspecified < 2.20.2 | affected |
Weaknesses
- CWE-20: CWE-20: Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.