One flaw, which WhatsApp labelled CVE-2020-1890, revolved around a user being sent “deliberately malformed data to load an image from a sender-controlled URL”.
Another, named CVE-2020-1891, affected video calls in different versions of WhatsApp for Android, iOS and WhatsApp Business.
While the CVE-2020-1886 vulnerability could have been exploited after an unsuspecting WhatsApp user picked up “a malicious video call”.
And the CVE-2019-11928 flaw affected WhatsApp Desktop users that clicked on “a link from a specially crafted live location message”.
Outlining their approach to tackling security threats, WhatsApp on their new security advisory website said: “If a bug is identified, we work to fix the issue as quickly as possible. In keeping with industry best practices, we will not disclose security issues until after we have fully investigated any claims, issued any necessary fixes, and made updates widely available through the respective app stores. We use this same approach for all WhatsApp products.