Telegram for iOS

CVEs (4)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2021-31318	Telegramdesktop Telegram Android	—	0.00	May 18, 2021	Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a…
CVE-2021-31319	Telegramdesktop Telegram Android	—	0.00	May 18, 2021	Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim…
CVE-2021-31320	Telegramdesktop Telegram Android	—	0.01	May 18, 2021	Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory…
CVE-2020-12474	Telegramdesktop Telegram Desktop	—	0.01	May 1, 2020	Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.

CVE-2021-31318May 18, 2021
Telegramdesktop
Telegram Android
risk 0.00cvss —epss 0.00
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a…
CVE-2021-31319May 18, 2021
Telegramdesktop
Telegram Android
risk 0.00cvss —epss 0.00
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim…
CVE-2021-31320May 18, 2021
Telegramdesktop
Telegram Android
risk 0.00cvss —epss 0.01
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory…
CVE-2020-12474May 1, 2020
Telegramdesktop
Telegram Desktop
risk 0.00cvss —epss 0.01
Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.