Aller au contenu
Appaloosa Scout
HIGH 8.2 KEV

CVE-2019-18426

A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

CISA Known Exploited Vulnerability

Ajouté au KEV
2022-05-23
Deadline remédiation
2022-06-13
Action requise
Apply updates per vendor instructions.
Ransomware
Non

Apps mobiles affectées

WhatsApp Messenger
Android
com.whatsapp
1 CVE 1 KEV
WhatsApp Messenger
iOS
net.whatsapp.WhatsApp
1 CVE 1 KEV

Configurations CPE vulnérables

Vendor Produit Plateforme Versions CPE 2.3 URI
whatsapp whatsapp Android <0.3.9309 cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:desktop:*:*:*
whatsapp whatsapp iOS <0.3.9309 cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:desktop:*:*:*
whatsapp whatsapp iOS <2.20.10 cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*
Voir sur NVD ↗ Catalogue CISA KEV ↗