Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for instagram by facebook

    CVE-2020-20094 (GCVE-0-2020-20094)

    Vulnerability from nvd – Published: 2022-03-23 21:27 – Updated: 2024-08-04 14:15
    VLAI
    Summary
    Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T14:15:28.887Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/zadewg/RIUS"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-25T16:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/zadewg/RIUS"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-20094",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/zadewg/RIUS",
                  "refsource": "MISC",
                  "url": "https://github.com/zadewg/RIUS"
                },
                {
                  "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-20094",
        "datePublished": "2022-03-23T21:27:46.000Z",
        "dateReserved": "2020-08-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T14:15:28.887Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1895 (GCVE-0-2020-1895)

    Vulnerability from nvd – Published: 2020-04-09 16:20 – Updated: 2024-08-04 06:53
    VLAI
    Summary
    A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
    Severity
    No CVSS data available.
    CWE
    • CWE-680 - Integer Overflow to Buffer Overflow (CWE-680)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Facebook Instagram for Android Affected: unspecified , < 128.0.0.26.128 (custom)
    Unaffected: 128.0.0.26.128 , < unspecified (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:53:59.862Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Instagram for Android",
              "vendor": "Facebook",
              "versions": [
                {
                  "lessThan": "128.0.0.26.128",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThan": "unspecified",
                  "status": "unaffected",
                  "version": "128.0.0.26.128",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2020-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-680",
                  "description": "Integer Overflow to Buffer Overflow (CWE-680)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-09T16:20:12.000Z",
            "orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
            "shortName": "facebook"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve-assign@fb.com",
              "DATE_ASSIGNED": "2020-04-08",
              "ID": "CVE-2020-1895",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Instagram for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "128.0.0.26.128"
                              },
                              {
                                "version_affected": "!\u003e=",
                                "version_value": "128.0.0.26.128"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Facebook"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow (CWE-680)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.facebook.com/security/advisories/cve-2020-1895",
                  "refsource": "CONFIRM",
                  "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
        "assignerShortName": "facebook",
        "cveId": "CVE-2020-1895",
        "datePublished": "2020-04-09T16:20:12.000Z",
        "dateReserved": "2019-12-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:53:59.862Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-20094 (GCVE-0-2020-20094)

    Vulnerability from cvelistv5 – Published: 2022-03-23 21:27 – Updated: 2024-08-04 14:15
    VLAI
    Summary
    Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T14:15:28.887Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/zadewg/RIUS"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-25T16:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/zadewg/RIUS"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-20094",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/zadewg/RIUS",
                  "refsource": "MISC",
                  "url": "https://github.com/zadewg/RIUS"
                },
                {
                  "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-20094",
        "datePublished": "2022-03-23T21:27:46.000Z",
        "dateReserved": "2020-08-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T14:15:28.887Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1895 (GCVE-0-2020-1895)

    Vulnerability from cvelistv5 – Published: 2020-04-09 16:20 – Updated: 2024-08-04 06:53
    VLAI
    Summary
    A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
    Severity
    No CVSS data available.
    CWE
    • CWE-680 - Integer Overflow to Buffer Overflow (CWE-680)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Facebook Instagram for Android Affected: unspecified , < 128.0.0.26.128 (custom)
    Unaffected: 128.0.0.26.128 , < unspecified (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:53:59.862Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Instagram for Android",
              "vendor": "Facebook",
              "versions": [
                {
                  "lessThan": "128.0.0.26.128",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThan": "unspecified",
                  "status": "unaffected",
                  "version": "128.0.0.26.128",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "dateAssigned": "2020-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-680",
                  "description": "Integer Overflow to Buffer Overflow (CWE-680)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-09T16:20:12.000Z",
            "orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
            "shortName": "facebook"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve-assign@fb.com",
              "DATE_ASSIGNED": "2020-04-08",
              "ID": "CVE-2020-1895",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Instagram for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "128.0.0.26.128"
                              },
                              {
                                "version_affected": "!\u003e=",
                                "version_value": "128.0.0.26.128"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Facebook"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow (CWE-680)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.facebook.com/security/advisories/cve-2020-1895",
                  "refsource": "CONFIRM",
                  "url": "https://www.facebook.com/security/advisories/cve-2020-1895"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
        "assignerShortName": "facebook",
        "cveId": "CVE-2020-1895",
        "datePublished": "2020-04-09T16:20:12.000Z",
        "dateReserved": "2019-12-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:53:59.862Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }