CVE-2020-20096
First published: Wed Mar 23 2022(Updated: )
Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Whatsapp Whatsapp | <=2.19.80 | |
| Whatsapp Whatsapp | <=2.19.222 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-20096?
CVE-2020-20096 is a vulnerability in Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior that allows URI spoofing via specially crafted messages.
How does CVE-2020-20096 affect Whatsapp?
CVE-2020-20096 affects Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior by improperly representing URI messages, leading to URI spoofing.
What is the severity of CVE-2020-20096?
The severity of CVE-2020-20096 is considered medium, with a CVSS score of 6.5.
How can I check if my version of Whatsapp is affected by CVE-2020-20096?
If you are using Whatsapp iOS version 2.19.80 or prior, or Whatsapp Android version 2.19.222 or prior, your version may be affected by CVE-2020-20096. Please update to the latest version to mitigate the vulnerability.
How can I fix CVE-2020-20096?
To fix CVE-2020-20096, update your Whatsapp application to the latest version available for your operating system (iOS or Android).
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/whatsapp
- canonical/whatsapp whatsapp
- version/whatsapp whatsapp/2.19.80
- version/whatsapp whatsapp/2.19.222