Critical severity9.8NVD Advisory· Published Oct 6, 2020· Updated Jun 17, 2026
CVE-2020-1907
CVE-2020-1907
Description
A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.
Affected products
7- Range: <2.20.196.16
2.20.196.12+ 1 more
- (no CPE)range: 2.20.196.12
- (no CPE)range: 2.20.196.16
- Range: 2.20.90
- Range: 2.20.90
- Facebook/WhatsApp for Portalv5Range: 173.0.0.29.505
Patches
Vulnerability mechanics
References
1- www.whatsapp.com/security/advisories/2020/nvdVendor Advisory
News mentions
0No linked articles in our index yet.