Vulnerabilities > Telegram
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2021-31319 | Integer Overflow or Wraparound vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31320 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. | 5.8 |
| 2021-05-18 | CVE-2021-31321 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. | 5.8 |
| 2021-05-18 | CVE-2021-31322 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31323 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. | 4.3 |
| 2021-04-20 | CVE-2021-30496 | Unspecified vulnerability in Telegram 7.6.2 The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. | 5.7 |
| 2021-02-19 | CVE-2021-27351 | Insufficient Session Expiration vulnerability in Telegram The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. | 5.0 |
| 2021-02-12 | CVE-2021-27205 | Cleartext Storage of Sensitive Information vulnerability in Telegram Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure. | 2.1 |
| 2021-02-12 | CVE-2021-27204 | Cleartext Storage of Sensitive Information vulnerability in Telegram Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure. | 2.1 |
| 2020-10-14 | CVE-2020-25824 | Missing Authorization vulnerability in Telegram Desktop Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. | 2.1 |