HIGH🇬🇧 English

CVE-2021-24027

CVSS 7.5v3.1pub. 2021-04-06upd. 2024-11-21

A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Whatsapp

    APP
    Whatsapp
    < 2.21.4.18
  • Whatsapp Business

    APP
    Whatsapp
    < 2.21.4.18
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-3568CRITICAL9.8⚠ KEVten sam produkt

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted ser...

CVE-2022-36934CRITICAL9.8ten sam produkt

An integer overflow in WhatsApp could result in remote code execution in an established video call.

CVE-2021-24043CRITICAL9.1ten sam produkt

A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business fo...

CVE-2021-24042CRITICAL9.8ten sam produkt

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23,...

CVE-2021-24041CRITICAL9.8ten sam produkt

A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business f...