Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-mp5j-h5hx-cfxc

Опубликовано: 05 янв. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.

Ссылки

EPSS

Процентиль: 66%
0.00504
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2021-24042

Дефекты

CWE-122
CWE-787

Связанные уязвимости

nvd логотип

CVE-2021-24042

CVSS3: 9.8
nvd
около 4 лет назад

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.

EPSS

Процентиль: 66%
0.00504
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2021-24042

Дефекты

CWE-122
CWE-787