PT-2019-11022 · Facebook · Whatsapp Business For Ios+4
Published
2019-06-14
·
Updated
2025-09-03
·
CVE-2018-6350
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
WhatsApp for Android versions prior to 2.18.276
WhatsApp Business for Android versions prior to 2.18.99
WhatsApp for iOS versions prior to 2.18.100.6
WhatsApp Business for iOS versions prior to 2.18.100.2
WhatsApp for Windows Phone versions prior to 2.18.224
Description:
An out-of-bounds read was possible due to incorrect parsing of RTP extension headers.
Recommendations:
For WhatsApp for Android versions prior to 2.18.276, update to version 2.18.276 or later.
For WhatsApp Business for Android versions prior to 2.18.99, update to version 2.18.99 or later.
For WhatsApp for iOS versions prior to 2.18.100.6, update to version 2.18.100.6 or later.
For WhatsApp Business for iOS versions prior to 2.18.100.2, update to version 2.18.100.2 or later.
For WhatsApp for Windows Phone versions prior to 2.18.224, update to version 2.18.224 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Whatsapp Business For Android
Whatsapp Business For Ios
Whatsapp For Android
Whatsapp For Windows Phone
Whatsapp For Ios