Search
Find a vulnerability
Search criteria
4 vulnerabilities found for instagram by facebook
CVE-2020-20094 (GCVE-0-2020-20094)
Vulnerability from nvd – Published: 2022-03-23 21:27 – Updated: 2024-08-04 14:15
VLAI
Summary
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zadewg/RIUS | x_refsource_MISC |
| http://packetstormsecurity.com/files/166448/RTLO-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:28.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zadewg/RIUS"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T16:06:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zadewg/RIUS"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-20094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zadewg/RIUS",
"refsource": "MISC",
"url": "https://github.com/zadewg/RIUS"
},
{
"name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-20094",
"datePublished": "2022-03-23T21:27:46.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:28.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1895 (GCVE-0-2020-1895)
Vulnerability from nvd – Published: 2020-04-09 16:20 – Updated: 2024-08-04 06:53
VLAI
Summary
A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
Severity
No CVSS data available.
CWE
- CWE-680 - Integer Overflow to Buffer Overflow (CWE-680)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.facebook.com/security/advisories/cve-… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Instagram for Android |
Affected:
unspecified , < 128.0.0.26.128
(custom)
Unaffected: 128.0.0.26.128 , < unspecified (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Instagram for Android",
"vendor": "Facebook",
"versions": [
{
"lessThan": "128.0.0.26.128",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "128.0.0.26.128",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2020-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-680",
"description": "Integer Overflow to Buffer Overflow (CWE-680)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:20:12.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2020-04-08",
"ID": "CVE-2020-1895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Instagram for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "128.0.0.26.128"
},
{
"version_affected": "!\u003e=",
"version_value": "128.0.0.26.128"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow (CWE-680)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.facebook.com/security/advisories/cve-2020-1895",
"refsource": "CONFIRM",
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1895",
"datePublished": "2020-04-09T16:20:12.000Z",
"dateReserved": "2019-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-20094 (GCVE-0-2020-20094)
Vulnerability from cvelistv5 – Published: 2022-03-23 21:27 – Updated: 2024-08-04 14:15
VLAI
Summary
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zadewg/RIUS | x_refsource_MISC |
| http://packetstormsecurity.com/files/166448/RTLO-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:28.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zadewg/RIUS"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T16:06:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zadewg/RIUS"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-20094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zadewg/RIUS",
"refsource": "MISC",
"url": "https://github.com/zadewg/RIUS"
},
{
"name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-20094",
"datePublished": "2022-03-23T21:27:46.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:28.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1895 (GCVE-0-2020-1895)
Vulnerability from cvelistv5 – Published: 2020-04-09 16:20 – Updated: 2024-08-04 06:53
VLAI
Summary
A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
Severity
No CVSS data available.
CWE
- CWE-680 - Integer Overflow to Buffer Overflow (CWE-680)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.facebook.com/security/advisories/cve-… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Instagram for Android |
Affected:
unspecified , < 128.0.0.26.128
(custom)
Unaffected: 128.0.0.26.128 , < unspecified (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Instagram for Android",
"vendor": "Facebook",
"versions": [
{
"lessThan": "128.0.0.26.128",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unaffected",
"version": "128.0.0.26.128",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2020-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-680",
"description": "Integer Overflow to Buffer Overflow (CWE-680)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:20:12.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2020-04-08",
"ID": "CVE-2020-1895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Instagram for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "128.0.0.26.128"
},
{
"version_affected": "!\u003e=",
"version_value": "128.0.0.26.128"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow (CWE-680)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.facebook.com/security/advisories/cve-2020-1895",
"refsource": "CONFIRM",
"url": "https://www.facebook.com/security/advisories/cve-2020-1895"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1895",
"datePublished": "2020-04-09T16:20:12.000Z",
"dateReserved": "2019-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}