CVE-2020-1905 is a vulnerability in WhatsApp
Published on October 6, 2020
Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is terminated.
Weakness Type
Generation of Predictable Numbers or Identifiers
The product uses a scheme that generates numbers or identifiers that are more predictable than required.
Products Associated with CVE-2020-1905
Want to know whenever a new CVE is published for WhatsApp? stack.watch will email you.
Affected Versions
Facebook WhatsApp for Android:- Version 2.20.185 is affected.
- Version unspecified and below 2.20.185 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.