CVE-2020-1902

A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*
cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:android:*:*

History

14 Sep 2021, 18:16

Type Values Removed Values Added
CWE CWE-200 CWE-319

Information

Published : 2020-10-06 18:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-1902

Mitre link : CVE-2020-1902

CVE.ORG link : CVE-2020-1902


JSON object : View

Products Affected

whatsapp

  • whatsapp
  • whatsapp_business
CWE
CWE-319

Cleartext Transmission of Sensitive Information

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor