Security Advisory

CVE-2020-1905

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-06 17:35:26

Last updated 2024-08-04 06:53:59

Assigner facebook

State PUBLISHED

Description

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is terminated.

← Browse all CVEs View on cve.org ↗