Vulnerability Details CVE-2021-24035
A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.4%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
Products affected by CVE-2021-24035
-
cpe:2.3:a:whatsapp:whatsapp:*
-
cpe:2.3:a:whatsapp:whatsapp:0.0.104
-
cpe:2.3:a:whatsapp:whatsapp:0.0.120
-
cpe:2.3:a:whatsapp:whatsapp:0.0.58
-
cpe:2.3:a:whatsapp:whatsapp:0.0.60
-
cpe:2.3:a:whatsapp:whatsapp:0.0.62
-
cpe:2.3:a:whatsapp:whatsapp:0.0.73
-
cpe:2.3:a:whatsapp:whatsapp:0.0.75
-
cpe:2.3:a:whatsapp:whatsapp:0.0.86
-
cpe:2.3:a:whatsapp:whatsapp:0.0.89
-
cpe:2.3:a:whatsapp:whatsapp:0.0.98
-
cpe:2.3:a:whatsapp:whatsapp:2.18.1
-
cpe:2.3:a:whatsapp:whatsapp:2.18.100
-
cpe:2.3:a:whatsapp:whatsapp:2.18.101
-
cpe:2.3:a:whatsapp:whatsapp:2.18.102
-
cpe:2.3:a:whatsapp:whatsapp:2.18.104
-
cpe:2.3:a:whatsapp:whatsapp:2.18.105
-
cpe:2.3:a:whatsapp:whatsapp:2.18.106
-
cpe:2.3:a:whatsapp:whatsapp:2.18.108
-
cpe:2.3:a:whatsapp:whatsapp:2.18.109
-
cpe:2.3:a:whatsapp:whatsapp:2.18.111
-
cpe:2.3:a:whatsapp:whatsapp:2.18.116
-
cpe:2.3:a:whatsapp:whatsapp:2.18.117
-
cpe:2.3:a:whatsapp:whatsapp:2.18.121
-
cpe:2.3:a:whatsapp:whatsapp:2.18.122
-
cpe:2.3:a:whatsapp:whatsapp:2.18.123
-
cpe:2.3:a:whatsapp:whatsapp:2.18.124
-
cpe:2.3:a:whatsapp:whatsapp:2.18.126
-
cpe:2.3:a:whatsapp:whatsapp:2.18.129
-
cpe:2.3:a:whatsapp:whatsapp:2.18.13
-
cpe:2.3:a:whatsapp:whatsapp:2.18.130
-
cpe:2.3:a:whatsapp:whatsapp:2.18.131
-
cpe:2.3:a:whatsapp:whatsapp:2.18.132
-
cpe:2.3:a:whatsapp:whatsapp:2.18.14
-
cpe:2.3:a:whatsapp:whatsapp:2.18.150
-
cpe:2.3:a:whatsapp:whatsapp:2.18.18
-
cpe:2.3:a:whatsapp:whatsapp:2.18.21
-
cpe:2.3:a:whatsapp:whatsapp:2.18.22
-
cpe:2.3:a:whatsapp:whatsapp:2.18.26
-
cpe:2.3:a:whatsapp:whatsapp:2.18.276
-
cpe:2.3:a:whatsapp:whatsapp:2.18.3
-
cpe:2.3:a:whatsapp:whatsapp:2.18.30
-
cpe:2.3:a:whatsapp:whatsapp:2.18.33
-
cpe:2.3:a:whatsapp:whatsapp:2.18.35
-
cpe:2.3:a:whatsapp:whatsapp:2.18.36
-
cpe:2.3:a:whatsapp:whatsapp:2.18.37
-
cpe:2.3:a:whatsapp:whatsapp:2.18.42
-
cpe:2.3:a:whatsapp:whatsapp:2.18.43
-
cpe:2.3:a:whatsapp:whatsapp:2.18.44
-
cpe:2.3:a:whatsapp:whatsapp:2.18.49
-
cpe:2.3:a:whatsapp:whatsapp:2.18.51
-
cpe:2.3:a:whatsapp:whatsapp:2.18.54
-
cpe:2.3:a:whatsapp:whatsapp:2.18.55
-
cpe:2.3:a:whatsapp:whatsapp:2.18.62
-
cpe:2.3:a:whatsapp:whatsapp:2.18.63
-
cpe:2.3:a:whatsapp:whatsapp:2.18.68
-
cpe:2.3:a:whatsapp:whatsapp:2.18.69
-
cpe:2.3:a:whatsapp:whatsapp:2.18.7
-
cpe:2.3:a:whatsapp:whatsapp:2.18.71
-
cpe:2.3:a:whatsapp:whatsapp:2.18.72
-
cpe:2.3:a:whatsapp:whatsapp:2.18.75
-
cpe:2.3:a:whatsapp:whatsapp:2.18.77
-
cpe:2.3:a:whatsapp:whatsapp:2.18.79
-
cpe:2.3:a:whatsapp:whatsapp:2.18.80
-
cpe:2.3:a:whatsapp:whatsapp:2.18.87
-
cpe:2.3:a:whatsapp:whatsapp:2.18.9
-
cpe:2.3:a:whatsapp:whatsapp:2.18.90
-
cpe:2.3:a:whatsapp:whatsapp:2.18.91
-
cpe:2.3:a:whatsapp:whatsapp:2.18.92
-
cpe:2.3:a:whatsapp:whatsapp:2.18.94
-
cpe:2.3:a:whatsapp:whatsapp:2.18.95
-
cpe:2.3:a:whatsapp:whatsapp:2.19.44
-
cpe:2.3:a:whatsapp:whatsapp:2.20.193.2
-
cpe:2.3:a:whatsapp:whatsapp:2.20.193.9
-
cpe:2.3:a:whatsapp:whatsapp:2.20.194.16
-
cpe:2.3:a:whatsapp:whatsapp:2.20.195.15
-
cpe:2.3:a:whatsapp:whatsapp:2.20.195.17
-
cpe:2.3:a:whatsapp:whatsapp:2.20.196.16
-
cpe:2.3:a:whatsapp:whatsapp:2.20.197.17
-
cpe:2.3:a:whatsapp:whatsapp:2.20.197.20
-
cpe:2.3:a:whatsapp:whatsapp:2.20.198.15
-
cpe:2.3:a:whatsapp:whatsapp:2.20.199.14
-
cpe:2.3:a:whatsapp:whatsapp:2.20.78
-
cpe:2.3:a:whatsapp:whatsapp:2.20.79
-
cpe:2.3:a:whatsapp:whatsapp:2.20.95
-
cpe:2.3:a:whatsapp:whatsapp:2.20.96
-
cpe:2.3:a:whatsapp:whatsapp:2.20.97