Telegram heap buffer overflow vulnerability (CNVD-2021-38310)

Telegram is an instant messaging mobile application. A heap buffer overflow vulnerability exists in the custom derived LottieParserImpl :: parseDashProperty function of the rlottie library in Telegram for Android prior to version 7.1.0 2090, iOS prior to version 7.1, and macOS prior to version 7....

CVE-2021-31323

Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via ...

Heap overflow

Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via ...

CVE-2021-31323

Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via ...

CVE-2021-31323

Telegram mobile/desktop apps are affected by a heap buffer overflow in the LottieParserImpl::parseDashProperty function of a custom rlottie fork. Affected versions are Android <7.1.0 (2090), iOS <7.1, and macOS