Vulnerability Details CVE-2020-1904
A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
Products affected by CVE-2020-1904
-
cpe:2.3:a:whatsapp:whatsapp:-
-
cpe:2.3:a:whatsapp:whatsapp:2.10.1
-
cpe:2.3:a:whatsapp:whatsapp:2.10.2
-
cpe:2.3:a:whatsapp:whatsapp:2.11.11
-
cpe:2.3:a:whatsapp:whatsapp:2.11.12
-
cpe:2.3:a:whatsapp:whatsapp:2.11.14
-
cpe:2.3:a:whatsapp:whatsapp:2.11.15
-
cpe:2.3:a:whatsapp:whatsapp:2.11.16
-
cpe:2.3:a:whatsapp:whatsapp:2.11.3
-
cpe:2.3:a:whatsapp:whatsapp:2.11.4
-
cpe:2.3:a:whatsapp:whatsapp:2.11.5
-
cpe:2.3:a:whatsapp:whatsapp:2.11.6
-
cpe:2.3:a:whatsapp:whatsapp:2.11.7
-
cpe:2.3:a:whatsapp:whatsapp:2.11.8
-
cpe:2.3:a:whatsapp:whatsapp:2.11.9
-
cpe:2.3:a:whatsapp:whatsapp:2.12.1
-
cpe:2.3:a:whatsapp:whatsapp:2.12.10
-
cpe:2.3:a:whatsapp:whatsapp:2.12.11
-
cpe:2.3:a:whatsapp:whatsapp:2.12.12
-
cpe:2.3:a:whatsapp:whatsapp:2.12.13
-
cpe:2.3:a:whatsapp:whatsapp:2.12.14
-
cpe:2.3:a:whatsapp:whatsapp:2.12.15
-
cpe:2.3:a:whatsapp:whatsapp:2.12.16
-
cpe:2.3:a:whatsapp:whatsapp:2.12.17
-
cpe:2.3:a:whatsapp:whatsapp:2.12.2
-
cpe:2.3:a:whatsapp:whatsapp:2.12.3
-
cpe:2.3:a:whatsapp:whatsapp:2.12.4
-
cpe:2.3:a:whatsapp:whatsapp:2.12.6
-
cpe:2.3:a:whatsapp:whatsapp:2.12.7
-
cpe:2.3:a:whatsapp:whatsapp:2.12.8
-
cpe:2.3:a:whatsapp:whatsapp:2.12.9
-
cpe:2.3:a:whatsapp:whatsapp:2.16.1
-
cpe:2.3:a:whatsapp:whatsapp:2.16.10
-
cpe:2.3:a:whatsapp:whatsapp:2.16.11
-
cpe:2.3:a:whatsapp:whatsapp:2.16.12
-
cpe:2.3:a:whatsapp:whatsapp:2.16.13
-
cpe:2.3:a:whatsapp:whatsapp:2.16.14
-
cpe:2.3:a:whatsapp:whatsapp:2.16.15
-
cpe:2.3:a:whatsapp:whatsapp:2.16.16
-
cpe:2.3:a:whatsapp:whatsapp:2.16.17
-
cpe:2.3:a:whatsapp:whatsapp:2.16.18
-
cpe:2.3:a:whatsapp:whatsapp:2.16.19
-
cpe:2.3:a:whatsapp:whatsapp:2.16.2
-
cpe:2.3:a:whatsapp:whatsapp:2.16.20
-
cpe:2.3:a:whatsapp:whatsapp:2.16.3
-
cpe:2.3:a:whatsapp:whatsapp:2.16.4
-
cpe:2.3:a:whatsapp:whatsapp:2.16.5
-
cpe:2.3:a:whatsapp:whatsapp:2.16.6
-
cpe:2.3:a:whatsapp:whatsapp:2.16.7
-
cpe:2.3:a:whatsapp:whatsapp:2.16.8
-
cpe:2.3:a:whatsapp:whatsapp:2.16.9
-
cpe:2.3:a:whatsapp:whatsapp:2.17.1
-
cpe:2.3:a:whatsapp:whatsapp:2.17.2
-
cpe:2.3:a:whatsapp:whatsapp:2.17.3
-
cpe:2.3:a:whatsapp:whatsapp:2.17.4
-
cpe:2.3:a:whatsapp:whatsapp:2.17.5
-
cpe:2.3:a:whatsapp:whatsapp:2.17.7
-
cpe:2.3:a:whatsapp:whatsapp:2.18.100.2
-
cpe:2.3:a:whatsapp:whatsapp:2.18.100.6
-
cpe:2.3:a:whatsapp:whatsapp:2.18.90.24
-
cpe:2.3:a:whatsapp:whatsapp:2.18.93
-
cpe:2.3:a:whatsapp:whatsapp:2.19.100
-
cpe:2.3:a:whatsapp:whatsapp:2.19.51
-
cpe:2.3:a:whatsapp:whatsapp:2.2.5
-
cpe:2.3:a:whatsapp:whatsapp:2.20.10
-
cpe:2.3:a:whatsapp:whatsapp:2.20.30
-
cpe:2.3:a:whatsapp:whatsapp:2.6.10
-
cpe:2.3:a:whatsapp:whatsapp:2.6.4
-
cpe:2.3:a:whatsapp:whatsapp:2.6.5
-
cpe:2.3:a:whatsapp:whatsapp:2.6.6
-
cpe:2.3:a:whatsapp:whatsapp:2.6.7
-
cpe:2.3:a:whatsapp:whatsapp:2.6.9
-
cpe:2.3:a:whatsapp:whatsapp:2.8.1
-
cpe:2.3:a:whatsapp:whatsapp:2.8.2
-
cpe:2.3:a:whatsapp:whatsapp:2.8.3
-
cpe:2.3:a:whatsapp:whatsapp:2.8.4
-
cpe:2.3:a:whatsapp:whatsapp:2.8.6
-
cpe:2.3:a:whatsapp:whatsapp:2.8.7
-
cpe:2.3:a:whatsapp:whatsapp_business:-
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.100
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.110
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.112
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.21
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.42
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.51
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.60
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.61
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.70
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.71
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.80
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.90
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.91
-
cpe:2.3:a:whatsapp:whatsapp_business:2.19.92
-
cpe:2.3:a:whatsapp:whatsapp_business:2.20.30