CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-20655

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1650%
EPSS Percentile3.38th
Published2019年6月14日
Last Modified2025年9月3日

Vulnerability Description

When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24.

Affected Platforms (CPE)

📦
Whatsapp

Whatsapp

< 2.18.90.24
📦
Whatsapp

Whatsapp Business

< 2.18.90.24

References & Advisories

🔗 http://www.securityfocus.com/bid/108805
🔗 https://www.facebook.com/security/advisories/cve-2018-20655/
🔗 http://www.securityfocus.com/bid/108805
🔗 https://www.facebook.com/security/advisories/cve-2018-20655/

関連する脆弱性情報

CVE-2020-188910.0

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron ...

CVE-2018-63499.8

When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-ba...

CVE-2018-63509.8

An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for ...

CVE-2018-63399.8

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed ...