Vulnerabilites related to telegram - telegram
Vulnerability from fkie_nvd
Published
2021-10-04 03:15
Modified
2024-11-21 06:26
Severity ?
Summary
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "94BF559C-E665-4B7A-9AFF-93743FBB3AEA", versionEndIncluding: "7.8.0", versionStartIncluding: "7.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.", }, { lang: "es", value: "La aplicación Telegram versiones 7.5.0 hasta 7.8.0 para Android no implementa correctamente la autodestrucción de imágenes, una vulnerabilidad diferente a la de CVE-2019-16248. Después de aproximadamente dos a cuatro usos de la funcionalidad de autodestrucción, presenta una indicación de interfaz de usuario engañosa de que una imagen fue eliminada (tanto en el lado del remitente como del destinatario). Las imágenes siguen presentes en el directorio /Storage/Emulated/0/Telegram/Telegram Image/", }, ], id: "CVE-2021-41861", lastModified: "2024-11-21T06:26:54.747", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T03:15:16.787", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://habr.com/ru/post/580582/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://habr.com/ru/post/580582/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-01 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "834E65F9-C6E4-4A3E-A97B-A57245F69DBD", versionEndIncluding: "6.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "6AD87000-E5B9-4B0E-A210-ADBB413E7A23", versionEndIncluding: "6.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram_desktop:*:*:*:*:*:*:*:*", matchCriteriaId: "816E9721-9861-48BA-BF72-3ADA2E212FE3", versionEndIncluding: "2.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.", }, { lang: "es", value: "Telegram Desktop versiones hasta 2.0.1, Telegram versiones hasta 6.0.1 para Android y Telegram versiones hasta 6.0.1 para iOS, permiten un ataque de Homógrafo IDN por medio de un Punycode en una URL pública o una URL de invitación de chat grupal.", }, ], id: "CVE-2020-12474", lastModified: "2024-11-21T04:59:46.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-01T14:15:11.547", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento en la región Stack de la Memoria en la función gray_split_cubic de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría sobrescribir la memoria de pila de Telegram fuera de límites en un dispositivo víctima por medio de una pegatina animada maliciosa", }, ], id: "CVE-2021-31321", lastModified: "2024-11-21T06:05:25.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.790", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-12 08:15
Modified
2024-11-21 05:57
Severity ?
Summary
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | Third Party Advisory | |
cve@mitre.org | https://www.youtube.com/watch?v=Go-4srm_1fQ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=Go-4srm_1fQ | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:*:*:*", matchCriteriaId: "AEF887D9-2A97-48A1-B362-398B496F76CC", versionEndExcluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.", }, { lang: "es", value: "Telegram versiones anteriores a 7.4 (212543) Stable en macOS almacena la copia local de mensajes autodestruidos en una ruta de espacio aislado, conllevando a una divulgación de información confidencial", }, ], id: "CVE-2021-27205", lastModified: "2024-11-21T05:57:34.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-12T08:15:11.230", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.youtube.com/watch?v=Go-4srm_1fQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.youtube.com/watch?v=Go-4srm_1fQ", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-17 00:15
Modified
2024-11-21 06:14
Severity ?
Summary
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://mtpsym.github.io | Technical Description, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://mtpsym.github.io | Technical Description, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "824E6C16-16EA-4487-A408-581499E9E01C", versionEndExcluding: "7.8.1", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "20C38A32-9DEC-4BF0-9E9B-FC2216F0B6A4", versionEndExcluding: "7.8.3", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram_desktop:*:*:*:*:*:*:*:*", matchCriteriaId: "2EDF0441-F5EC-492E-91DA-6230EE5F332C", versionEndExcluding: "2.8.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.", }, { lang: "es", value: "Se presenta un problema de reordenación en Telegram versiones anteriores a 7.8.1 para Android, Telegram versiones anteriores a 7.8.3 para iOS y Telegram Desktop versiones anteriores a 2.8.8. Un atacante puede causar al servidor recibir mensajes en un orden diferente al que se envió al cliente", }, ], id: "CVE-2021-36769", lastModified: "2024-11-21T06:14:03.433", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-17T00:15:07.847", references: [ { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://mtpsym.github.io", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://mtpsym.github.io", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-24 20:29
Modified
2024-11-21 04:01
Severity ?
Summary
The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the "Secret chats > Preview links" setting
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:4.9.1:*:*:*:*:android:*:*", matchCriteriaId: "ED6F0254-56FE-4131-8CB3-C1BB9EA96710", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:web:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "C8E93F9E-49CD-429A-ABE5-BF56C5D85340", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "The \"secret chat\" feature in Telegram 4.9.1 for Android has a \"side channel\" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the \"Secret chats > Preview links\" setting", }, { lang: "es", value: "**EN DISPUTA** La funcionalidad de \"chat secreto\" en la versión 4.9.1 de Telegram para Android tiene un \"canal lateral\" a través del cual servidores Telegram envían peticiones GET para URL tipadas mientras redactan un mensaje de chat antes de enviarlo. Hay, también, peticiones GET a otras URL en el mismo servidor web. Esto también afecta a uno o más productos Telegram, como puede ser la versión web 0.7.0 de Telegram. Además, puede interpretarse como un problema de Server-Side Request Forgery (SSRF). NOTA: un tercero ha reportado que comportamientos potencialmente no deseados son causados por la mala configuración del ajuste de \"chats secretos > Previsualización de enlaces\".", }, ], id: "CVE-2018-20436", lastModified: "2024-11-21T04:01:28.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-24T20:29:00.287", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-09 17:29
Modified
2024-11-21 03:51
Severity ?
Summary
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:4.8.11:*:*:*:*:android:*:*", matchCriteriaId: "8F70A89F-DEF0-4A25-B694-A6AD62F3B9B9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred", }, { lang: "es", value: "** EN DISPUTA ** Se ha descubierto un problema en la versión 4.8.11 de la aplicación org.telegram.messenger para Android. La funcionalidad Passcode permite la omisión de autenticación mediante la manipulación en tiempo de ejecución que fuerza el valor de retorno de cierto método a ser \"true\". En otras palabras, un atacante podría autenticarse con una contraseña arbitraria. NOTA: el fabricante indica que este no es un ataque de interés en el contexto de su modelo de amenazas, que excluye a los dispositivos Android rooteados.", }, ], id: "CVE-2018-15542", lastModified: "2024-11-21T03:51:02.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-09T17:29:01.427", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-11 23:15
Modified
2024-11-21 04:30
Severity ?
Summary
The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image (analogous to supported functionality in which a sender can remove a recipient's copy of a previously sent message).
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf | Third Party Advisory | |
cve@mitre.org | https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.openwall.com/lists/oss-security/2019/09/09/2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2019/09/09/2 | Mailing List, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "FDF1836C-1773-4563-831F-260EDF6BF2AF", versionEndExcluding: "5.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The \"delete for\" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image (analogous to supported functionality in which a sender can remove a recipient's copy of a previously sent message).", }, { lang: "es", value: "La funcionalidad \"delete for\" en Telegram versiones anteriores a 5.11 en Android no elimina los archivos multimedia compartidos desde el directorio de Imágenes de Telegram. En otras palabras, existe una indicación de la IU potencialmente engañosa de que un remitente puede eliminar la copia de un destinatario de una imagen enviada previamente (análoga a la funcionalidad compatible en la que un remitente puede suprimir la copia de un destinatario de un mensaje enviado previamente).", }, ], id: "CVE-2019-16248", lastModified: "2024-11-21T04:30:22.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-11T23:15:14.313", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2019/09/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2019/09/09/2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-25 20:29
Modified
2024-11-21 04:18
Severity ?
Summary
Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/107610 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107610 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:*:*:*", matchCriteriaId: "C158B9D6-302A-40BC-8B57-4220629E96F6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram_desktop:*:*:*:*:*:*:*:*", matchCriteriaId: "65FFC250-919A-4BD0-AD81-07C914CA1A54", versionEndExcluding: "1.5.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, { lang: "es", value: "Telegram Desktop, en versiones anteriores a la 1.5.12 en Windows, y las aplicaciones de Telegram para Android, iOS y Linux son vulnerables a un ataque de homógrafo IDN al mostrar mensajes que contienen URL. Esto ocurre porque la aplicación produce un enlace sobre el que se puede hacer clic aunque, por ejemplo, existan caracteres latinos y cirílicos en el mismo nombre de dominio, y la fuente disponible tiene una representación idéntica de caracteres procedentes de distintos alfabetos.", }, ], id: "CVE-2019-10044", lastModified: "2024-11-21T04:18:16.203", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T20:29:00.863", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107610", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107610", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en la función VGradientCache::generateGradientColorTable de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría sobrescribir la memoria de la pila fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31320", lastModified: "2024-11-21T06:05:25.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.753", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento en la región Stack de la Memoria en la función blit de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de pila de Telegram fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31315", lastModified: "2024-11-21T06:05:24.717", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.567", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-19 12:15
Modified
2025-01-21 20:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://telegram.com | Product | |
cve@mitre.org | https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/ | Exploit, Technical Description, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://telegram.com | Product | |
af854a3a-2127-422b-91ae-364da2661108 | https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/ | Exploit, Technical Description, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:9.3.1:*:*:*:*:macos:*:*", matchCriteriaId: "1BB0B331-9AFD-4B37-9E12-82954F5648E5", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:9.4:*:*:*:*:macos:*:*", matchCriteriaId: "FCB8F5AC-982C-4FC0-A5C4-D4FF2FF23440", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.", }, ], id: "CVE-2023-26818", lastModified: "2025-01-21T20:15:28.950", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-19T12:15:09.407", references: [ { source: "cve@mitre.org", tags: [ "Product", ], url: "http://telegram.com", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "http://telegram.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-20 16:15
Modified
2024-11-21 06:04
Severity ?
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Summary
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that "this behavior can't be considered a vulnerability."
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31 | Exploit, Third Party Advisory | |
cve@mitre.org | https://t.me/joinchat/bJ9cnUosVh03ZTI0 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://t.me/joinchat/bJ9cnUosVh03ZTI0 | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:7.6.2:*:*:*:*:iphone_os:*:*", matchCriteriaId: "69719CA8-ED11-463E-A7A8-68FA44F859ED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that \"this behavior can't be considered a vulnerability.\"", }, { lang: "es", value: "** EN DISPUTA ** La aplicación Telegram versión 7.6.2 para iOS, permite a usuarios autenticados remoto causar una denegación de servicio (bloqueo de la aplicación) si la víctima pega un mensaje proporcionado por el atacante (por ejemplo, en el idioma Persian) en un canal o grupo. El bloqueo ocurre en la función MtProtoKitFramework. NOTA: la perspectiva del proveedor es que \"este comportamiento no puede considerarse una vulnerabilidad\"", }, ], id: "CVE-2021-30496", lastModified: "2024-11-21T06:04:02.233", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-04-20T16:15:10.590", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://t.me/joinchat/bJ9cnUosVh03ZTI0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://t.me/joinchat/bJ9cnUosVh03ZTI0", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-121", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-09 17:29
Modified
2024-11-21 03:51
Severity ?
Summary
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:4.8.11:*:*:*:*:android:*:*", matchCriteriaId: "8F70A89F-DEF0-4A25-B694-A6AD62F3B9B9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred", }, { lang: "es", value: "** EN DISPUTA ** Se ha descubierto un problema en la versión 4.8.11 de la aplicación org.telegram.messenger para Android. La clase FingerprintManager para la validación biométrica permite la omisión de autenticación mediante el método callback desde onAuthenticationFailed a onAuthenticationSucceeded con un null. Esto se debe a que la API fingerprint no está implementada junto con la clase de Android keyGenerator. En otras palabras, un atacante podría autenticarse con una huella dactilar arbitraria. NOTA: el fabricante indica que este no es un ataque de interés en el contexto de su modelo de amenazas, que excluye a los dispositivos Android rooteados.", }, ], id: "CVE-2018-15543", lastModified: "2024-11-21T03:51:02.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-09T17:29:01.553", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-23 13:15
Modified
2024-11-21 04:28
Severity ?
Summary
The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:5.10.0:*:*:*:*:android:*:*", matchCriteriaId: "FF236758-2C4C-4915-B8E8-8FD3AD5483F0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:5.10.0:*:*:*:*:iphone_os:*:*", matchCriteriaId: "C5B934DA-6A87-4D46-995F-B0BA1592D069", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.", }, { lang: "es", value: "openITCOCKPIT anterior de la versión 3.7.1 permite la inyección de código, La función Privacidad> Número de teléfono en la aplicación Telegram 5.10 para Android e iOS proporciona una indicación incorrecta de que el nivel de acceso es Nadie, porque los atacantes pueden encontrar estos números a través de la función Información de grupo, por ejemplo, agregando una fracción significativa de los números de teléfono asignados de una región como RVID 1-445b21.", }, ], id: "CVE-2019-15514", lastModified: "2024-11-21T04:28:54.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-23T13:15:11.813", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-24 14:15
Modified
2024-11-21 04:55
Severity ?
Summary
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "6F2A5F7E-389F-43B6-A687-83E1CC47E369", versionEndIncluding: "5.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.", }, { lang: "es", value: "La aplicación Telegram versiones hasta 5.12 para Android, cuando Show Popup está habilitado, podría permitir a atacantes físicamente próximos omitir restricciones previstas en la lectura y respuesta de mensajes. Esto podría interpretarse como una omisión de la funcionalidad de código de acceso.", }, ], id: "CVE-2020-10570", lastModified: "2024-11-21T04:55:36.297", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-24T14:15:12.217", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-19 19:15
Modified
2024-11-21 05:57
Severity ?
Summary
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202105-07 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202105-07 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:unix:*:*", matchCriteriaId: "2F800B5C-6AB3-4177-B2FB-23AB42F9D754", versionEndIncluding: "2.4.7", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:windows:*:*", matchCriteriaId: "F685C105-8269-4DE8-BA20-323B9EB1323E", versionEndIncluding: "2.4.7", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "F00955F1-BB6E-4BD9-8807-F8A9FE2A87A3", versionEndIncluding: "7.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.", }, { lang: "es", value: "La funcionalidad Terminate Session en la aplicación Telegram hasta la versión 7.2.1 para Android, y hasta la versión 2.4.7 para Windows y UNIX, presenta una fallo al invalidar una sesión activa recientemente", }, ], id: "CVE-2021-27351", lastModified: "2024-11-21T05:57:49.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-19T19:15:12.690", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-07", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-07", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-29 17:15
Modified
2024-11-27 15:15
Severity ?
Summary
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://crsrg.sh/crsrg-2308101/ | Broken Link | |
nvd@nist.gov | https://exchange.xforce.ibmcloud.com/vulnerabilities/259547 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://crsrg.sh/crsrg-2308101/ | Broken Link |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:9.6.3:*:*:*:*:iphone_os:*:*", matchCriteriaId: "F2AF0D9A-D251-4A85-BF12-0A15D3D753BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.", }, ], id: "CVE-2023-34658", lastModified: "2024-11-27T15:15:23.273", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-29T17:15:09.767", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://crsrg.sh/crsrg-2308101/", }, { source: "nvd@nist.gov", tags: [ "Third Party Advisory", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/259547", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://crsrg.sh/crsrg-2308101/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-1021", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en la función LOTGradient::populate de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de la pila fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31322", lastModified: "2024-11-21T06:05:25.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.827", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una Confusión de Tipos en la función LOTCompLayerItem::LOTCompLayerItem de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de la pila fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31318", lastModified: "2024-11-21T06:05:25.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.677", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-843", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-06 16:15
Modified
2024-11-21 07:26
Severity ?
Summary
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugs.telegram.org/c/17831 | Product | |
cve@mitre.org | https://pastebin.com/72MRwNXW | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.telegram.org/c/17831 | Product | |
af854a3a-2127-422b-91ae-364da2661108 | https://pastebin.com/72MRwNXW | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:15.3.1:*:*:*:*:-:*:*", matchCriteriaId: "38224B8F-C41F-4028-B455-0B56172C9FB5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.", }, { lang: "es", value: "** EN DISPUTA ** Telegram Web 15.3.1 permite XSS a través de un determinado payload derivado de un sitio web de Target Corporation. NOTA: algunos terceros no han podido discernir ninguna relación entre la información de Pastebin y un posible hallazgo XSS.", }, ], id: "CVE-2022-43363", lastModified: "2024-11-21T07:26:20.600", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-06T16:15:11.260", references: [ { source: "cve@mitre.org", tags: [ "Product", ], url: "https://bugs.telegram.org/c/17831", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://pastebin.com/72MRwNXW", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://bugs.telegram.org/c/17831", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://pastebin.com/72MRwNXW", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una Confusión de Tipos en el constructor de VDasher de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de la pila de Telegram fuera de límites en un dispositivo víctima por medio de una pegatina animada maliciosa", }, ], id: "CVE-2021-31317", lastModified: "2024-11-21T06:05:25.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.640", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-843", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-12 08:15
Modified
2024-11-21 05:57
Severity ?
Summary
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | Third Party Advisory | |
cve@mitre.org | https://www.youtube.com/watch?v=zEt-_5b4OaA | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=zEt-_5b4OaA | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:*:*:*", matchCriteriaId: "AEF887D9-2A97-48A1-B362-398B496F76CC", versionEndExcluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.", }, { lang: "es", value: "Telegram versiones anteriores a 7.4 (212543) Stable en macOS almacena el código de acceso local en texto sin cifrar, conllevando a una la divulgación de información", }, ], id: "CVE-2021-27204", lastModified: "2024-11-21T05:57:34.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-12T08:15:11.167", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.youtube.com/watch?v=zEt-_5b4OaA", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.youtube.com/watch?v=zEt-_5b4OaA", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-03 22:29
Modified
2024-11-21 04:06
Severity ?
Summary
An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.
References
▼ | URL | Tags | |
---|---|---|---|
talos-cna@cisco.com | http://www.securityfocus.com/bid/106295 | Broken Link, Third Party Advisory, VDB Entry | |
talos-cna@cisco.com | https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106295 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:4.9.0:*:*:*:*:android:*:*", matchCriteriaId: "D8F8E255-2E37-43E2-B42E-133D6EB33985", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exploitable information disclosure vulnerability exists in the \"Secret Chats\" functionality of the Telegram Android messaging application version 4.9.0. The \"Secret Chats\" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.", }, { lang: "es", value: "Existe una vulnerabilidad explotable de divulgación de información en la funcionalidad de \"Chats Secretos\" en la aplicación de mensajería de Telegram para Android en la versión 4.9.0. La funcionalidad de \"Chats Secretos\" permite a un usuario borrar todo rastro de un chat, ya sea mediante el uso de un desencadenante de tiempo o bajo petición directa. Hay un error en esta funcionalidad que mantiene las fotos sacadas y compartidas en los chats secretos, incluso después de la eliminación de los mismos. Dichas fotos se almacenarán en el dispositivo y serán accesibles a todas las aplicaciones instaladas en el dispositivo Android.", }, ], id: "CVE-2018-3986", lastModified: "2024-11-21T04:06:26.403", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.6, impactScore: 3.6, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-03T22:29:00.370", references: [ { source: "talos-cna@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106295", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106295", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1,, están afectados por una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en la función LottieParserImpl::parseDashProperty de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de la pila fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31323", lastModified: "2024-11-21T06:05:25.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.863", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-18 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:android:*:*", matchCriteriaId: "A1029181-1937-4E7D-9DF7-227A60AED350", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "94020ED0-432B-4DF0-BE20-0A8054C9814D", versionEndExcluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:telegram:telegram:*:*:*:*:*:macos:*:*", matchCriteriaId: "102C507F-8C62-41E8-BF29-280FE32091AB", versionEndExcluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, { lang: "es", value: "Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento de Enteros en la función LOTGradient::populate de su derivación personalizada de la biblioteca rlottie. Un atacante remoto podría acceder a la memoria de la pila fuera de límites en un dispositivo víctima por medio de una etiqueta animada maliciosa", }, ], id: "CVE-2021-31319", lastModified: "2024-11-21T06:05:25.280", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-18T20:15:07.713", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2019-16248
Vulnerability from cvelistv5
Published
2019-09-11 22:19
Modified
2024-08-05 01:10
Severity ?
EPSS score ?
Summary
The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image (analogous to supported functionality in which a sender can remove a recipient's copy of a previously sent message).
References
▼ | URL | Tags |
---|---|---|
https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html | x_refsource_MISC | |
https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf | x_refsource_MISC | |
https://www.openwall.com/lists/oss-security/2019/09/09/2 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:10:41.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2019/09/09/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The \"delete for\" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image (analogous to supported functionality in which a sender can remove a recipient's copy of a previously sent message).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-11T22:19:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.openwall.com/lists/oss-security/2019/09/09/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-16248", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The \"delete for\" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image (analogous to supported functionality in which a sender can remove a recipient's copy of a previously sent message).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", refsource: "MISC", url: "https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html", }, { name: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", refsource: "MISC", url: "https://github.com/RootUp/PersonalStuff/blob/master/Telegram_Privacy.pdf", }, { name: "https://www.openwall.com/lists/oss-security/2019/09/09/2", refsource: "MISC", url: "https://www.openwall.com/lists/oss-security/2019/09/09/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-16248", datePublished: "2019-09-11T22:19:49", dateReserved: "2019-09-11T00:00:00", dateUpdated: "2024-08-05T01:10:41.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-26818
Vulnerability from cvelistv5
Published
2023-05-19 00:00
Modified
2025-01-21 19:56
Severity ?
EPSS score ?
Summary
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:53:54.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://telegram.com", }, { tags: [ "x_transferred", ], url: "https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-26818", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-21T19:55:20.515781Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-21T19:56:06.864Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-19T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "http://telegram.com", }, { url: "https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-26818", datePublished: "2023-05-19T00:00:00", dateReserved: "2023-02-27T00:00:00", dateUpdated: "2025-01-21T19:56:06.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-30496
Vulnerability from cvelistv5
Published
2021-04-20 00:00
Modified
2024-08-03 22:32
Severity ?
EPSS score ?
Summary
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that "this behavior can't be considered a vulnerability."
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:telegram:telegram:*:*:*:*:*:iphone_os:*:*", ], defaultStatus: "unknown", product: "telegram", vendor: "telegram", versions: [ { status: "affected", version: "7.6.2", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-30496", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-01T14:44:16.196509Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:12:40.657Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T22:32:41.088Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31", }, { tags: [ "x_transferred", ], url: "https://t.me/joinchat/bJ9cnUosVh03ZTI0", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that \"this behavior can't be considered a vulnerability.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31", }, { url: "https://t.me/joinchat/bJ9cnUosVh03ZTI0", }, ], tags: [ "disputed", ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-30496", datePublished: "2021-04-20T00:00:00", dateReserved: "2021-04-11T00:00:00", dateUpdated: "2024-08-03T22:32:41.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-15542
Vulnerability from cvelistv5
Published
2018-10-09 15:00
Modified
2024-08-05 09:54
Severity ?
EPSS score ?
Summary
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
References
▼ | URL | Tags |
---|---|---|
https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2018-15542", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-18T19:56:42.760263Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-18T19:56:55.097Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T09:54:03.611Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-08T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15542", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", refsource: "MISC", url: "https://gist.github.com/tanprathan/18d0f692a2485acfb5693e2f6dabeb5d", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15542", datePublished: "2018-10-09T15:00:00", dateReserved: "2018-08-19T00:00:00", dateUpdated: "2024-08-05T09:54:03.611Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10570
Vulnerability from cvelistv5
Published
2020-03-24 13:56
Modified
2024-08-04 11:06
Severity ?
EPSS score ?
Summary
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.
References
▼ | URL | Tags |
---|---|---|
https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:09.928Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-24T13:56:47", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-10570", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", refsource: "MISC", url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-10570", datePublished: "2020-03-24T13:56:47", dateReserved: "2020-03-14T00:00:00", dateUpdated: "2024-08-04T11:06:09.928Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31321
Vulnerability from cvelistv5
Published
2021-05-18 19:43
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.529Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:43:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31321", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31321", datePublished: "2021-05-18T19:43:44", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.529Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-20436
Vulnerability from cvelistv5
Published
2018-12-24 20:00
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the "Secret chats > Preview links" setting
References
▼ | URL | Tags |
---|---|---|
https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html | x_refsource_MISC | |
https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:58:19.486Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-24T00:00:00", descriptions: [ { lang: "en", value: "The \"secret chat\" feature in Telegram 4.9.1 for Android has a \"side channel\" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the \"Secret chats > Preview links\" setting", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-31T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", }, { tags: [ "x_refsource_MISC", ], url: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20436", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** The \"secret chat\" feature in Telegram 4.9.1 for Android has a \"side channel\" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the \"Secret chats > Preview links\" setting.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", refsource: "MISC", url: "https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguir-una.html", }, { name: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", refsource: "MISC", url: "https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20436", datePublished: "2018-12-24T20:00:00", dateReserved: "2018-12-24T00:00:00", dateUpdated: "2024-08-05T11:58:19.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12474
Vulnerability from cvelistv5
Published
2020-05-01 13:45
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.
References
▼ | URL | Tags |
---|---|---|
https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:52.071Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-04-30T00:00:00", descriptions: [ { lang: "en", value: "Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-01T13:45:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12474", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", refsource: "MISC", url: "https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12474", datePublished: "2020-05-01T13:45:28", dateReserved: "2020-04-29T00:00:00", dateUpdated: "2024-08-04T11:56:52.071Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-15543
Vulnerability from cvelistv5
Published
2018-10-09 15:00
Modified
2024-11-14 20:28
Severity ?
EPSS score ?
Summary
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
References
▼ | URL | Tags |
---|---|---|
https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:54:03.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-15543", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-14T20:28:21.355638Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-14T20:28:45.142Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-08T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15543", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", refsource: "MISC", url: "https://gist.github.com/tanprathan/d286c0d5b02e344606287774304a1ccd", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15543", datePublished: "2018-10-09T15:00:00", dateReserved: "2018-08-19T00:00:00", dateUpdated: "2024-11-14T20:28:45.142Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27205
Vulnerability from cvelistv5
Published
2021-02-12 07:48
Modified
2024-08-03 20:40
Severity ?
EPSS score ?
Summary
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | x_refsource_MISC | |
https://www.youtube.com/watch?v=Go-4srm_1fQ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:40:47.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.youtube.com/watch?v=Go-4srm_1fQ", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-12T07:48:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.youtube.com/watch?v=Go-4srm_1fQ", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-27205", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", refsource: "MISC", url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { name: "https://www.youtube.com/watch?v=Go-4srm_1fQ", refsource: "MISC", url: "https://www.youtube.com/watch?v=Go-4srm_1fQ", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-27205", datePublished: "2021-02-12T07:48:39", dateReserved: "2021-02-12T00:00:00", dateUpdated: "2024-08-03T20:40:47.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31317
Vulnerability from cvelistv5
Published
2021-05-18 19:44
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:44:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31317", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31317", datePublished: "2021-05-18T19:44:46", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31323
Vulnerability from cvelistv5
Published
2021-05-18 19:43
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:43:27", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31323", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31323", datePublished: "2021-05-18T19:43:27", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31319
Vulnerability from cvelistv5
Published
2021-05-18 19:44
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:44:26", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31319", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31319", datePublished: "2021-05-18T19:44:26", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27351
Vulnerability from cvelistv5
Published
2021-02-19 18:57
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.
References
▼ | URL | Tags |
---|---|---|
https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/202105-07 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:16.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", }, { name: "GLSA-202105-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202105-07", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-26T09:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", }, { name: "GLSA-202105-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202105-07", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-27351", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", refsource: "MISC", url: "https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html", }, { name: "GLSA-202105-07", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202105-07", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-27351", datePublished: "2021-02-19T18:57:52", dateReserved: "2021-02-16T00:00:00", dateUpdated: "2024-08-03T20:48:16.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27204
Vulnerability from cvelistv5
Published
2021-02-12 07:48
Modified
2024-08-03 20:40
Severity ?
EPSS score ?
Summary
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html | x_refsource_MISC | |
https://www.youtube.com/watch?v=zEt-_5b4OaA | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:40:47.413Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.youtube.com/watch?v=zEt-_5b4OaA", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-12T07:48:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.youtube.com/watch?v=zEt-_5b4OaA", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-27204", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", refsource: "MISC", url: "https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html", }, { name: "https://www.youtube.com/watch?v=zEt-_5b4OaA", refsource: "MISC", url: "https://www.youtube.com/watch?v=zEt-_5b4OaA", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-27204", datePublished: "2021-02-12T07:48:51", dateReserved: "2021-02-12T00:00:00", dateUpdated: "2024-08-03T20:40:47.413Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31318
Vulnerability from cvelistv5
Published
2021-05-18 19:44
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.491Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:44:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31318", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31318", datePublished: "2021-05-18T19:44:37", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.491Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31320
Vulnerability from cvelistv5
Published
2021-05-18 19:44
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.487Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:44:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31320", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31320", datePublished: "2021-05-18T19:44:14", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.487Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31315
Vulnerability from cvelistv5
Published
2021-05-18 19:45
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.611Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:45:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31315", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow/", }, { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31315", datePublished: "2021-05-18T19:45:09", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.611Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43363
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:26
Severity ?
EPSS score ?
Summary
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:26:02.861Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.telegram.org/c/17831", }, { tags: [ "x_transferred", ], url: "https://pastebin.com/72MRwNXW", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.telegram.org/c/17831", }, { url: "https://pastebin.com/72MRwNXW", }, ], tags: [ "disputed", ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-43363", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-17T00:00:00", dateUpdated: "2024-08-03T13:26:02.861Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-34658
Vulnerability from cvelistv5
Published
2023-06-29 00:00
Modified
2024-11-27 14:22
Severity ?
EPSS score ?
Summary
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.
References
▼ | URL | Tags |
---|---|---|
https://crsrg.sh/crsrg-2308101/ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:17:04.096Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://crsrg.sh/crsrg-2308101/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-34658", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-27T14:22:19.752376Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1021", description: "CWE-1021 Improper Restriction of Rendered UI Layers or Frames", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-27T14:22:57.883Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-29T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://crsrg.sh/crsrg-2308101/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-34658", datePublished: "2023-06-29T00:00:00", dateReserved: "2023-06-07T00:00:00", dateUpdated: "2024-11-27T14:22:57.883Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15514
Vulnerability from cvelistv5
Published
2019-08-23 12:07
Modified
2024-08-05 00:49
Severity ?
EPSS score ?
Summary
The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:49:13.699Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-23T12:07:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-15514", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", refsource: "MISC", url: "https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-15514", datePublished: "2019-08-23T12:07:53", dateReserved: "2019-08-23T00:00:00", dateUpdated: "2024-08-05T00:49:13.699Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10044
Vulnerability from cvelistv5
Published
2019-03-25 19:29
Modified
2024-08-04 22:10
Severity ?
EPSS score ?
Summary
Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
References
▼ | URL | Tags |
---|---|---|
https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt | x_refsource_MISC | |
http://www.securityfocus.com/bid/107610 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:10:09.354Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", }, { name: "107610", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107610", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-29T06:06:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", }, { name: "107610", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107610", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-10044", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", refsource: "MISC", url: "https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt", }, { name: "107610", refsource: "BID", url: "http://www.securityfocus.com/bid/107610", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-10044", datePublished: "2019-03-25T19:29:17", dateReserved: "2019-03-25T00:00:00", dateUpdated: "2024-08-04T22:10:09.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-36769
Vulnerability from cvelistv5
Published
2021-07-16 23:03
Modified
2024-08-04 01:01
Severity ?
EPSS score ?
Summary
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.
References
▼ | URL | Tags |
---|---|---|
https://mtpsym.github.io | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:01:59.025Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://mtpsym.github.io", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-16T23:03:50", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://mtpsym.github.io", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-36769", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://mtpsym.github.io", refsource: "MISC", url: "https://mtpsym.github.io", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-36769", datePublished: "2021-07-16T23:03:50", dateReserved: "2021-07-16T00:00:00", dateUpdated: "2024-08-04T01:01:59.025Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41861
Vulnerability from cvelistv5
Published
2021-10-04 02:58
Modified
2024-08-04 03:22
Severity ?
EPSS score ?
Summary
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:22:25.000Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://habr.com/ru/post/580582/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-04T02:58:42", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://habr.com/ru/post/580582/", }, { tags: [ "x_refsource_MISC", ], url: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", }, { tags: [ "x_refsource_MISC", ], url: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", }, { tags: [ "x_refsource_MISC", ], url: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-41861", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://habr.com/ru/post/580582/", refsource: "MISC", url: "https://habr.com/ru/post/580582/", }, { name: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", refsource: "MISC", url: "https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii", }, { name: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", refsource: "MISC", url: "https://desktop.telegram.org/changelog#v-2-6-23-02-21", }, { name: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", refsource: "MISC", url: "https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-41861", datePublished: "2021-10-04T02:58:42", dateReserved: "2021-10-01T00:00:00", dateUpdated: "2024-08-04T03:22:25.000Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3986
Vulnerability from cvelistv5
Published
2019-01-03 23:00
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106295 | vdb-entry, x_refsource_BID | |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:57:24.563Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106295", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106295", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Telegram", vendor: "n/a", versions: [ { status: "affected", version: "Telegram Messaging Application for Android 4.9.0", }, ], }, ], datePublic: "2019-01-03T00:00:00", descriptions: [ { lang: "en", value: "An exploitable information disclosure vulnerability exists in the \"Secret Chats\" functionality of the Telegram Android messaging application version 4.9.0. The \"Secret Chats\" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Exposure of Private Information", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T18:07:33", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "106295", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106295", }, { tags: [ "x_refsource_MISC", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", ID: "CVE-2018-3986", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Telegram", version: { version_data: [ { version_value: "Telegram Messaging Application for Android 4.9.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An exploitable information disclosure vulnerability exists in the \"Secret Chats\" functionality of the Telegram Android messaging application version 4.9.0. The \"Secret Chats\" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.", }, ], }, impact: { cvss: { baseScore: 4.2, baseSeverity: "Medium", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Exposure of Private Information", }, ], }, ], }, references: { reference_data: [ { name: "106295", refsource: "BID", url: "http://www.securityfocus.com/bid/106295", }, { name: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", refsource: "MISC", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0654", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2018-3986", datePublished: "2019-01-03T23:00:00", dateReserved: "2018-01-02T00:00:00", dateUpdated: "2024-08-05T04:57:24.563Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31322
Vulnerability from cvelistv5
Published
2021-05-18 19:43
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.581Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-18T19:43:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31322", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", refsource: "MISC", url: "https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/", }, { name: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", refsource: "MISC", url: "https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31322", datePublished: "2021-05-18T19:43:37", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.581Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }