9 matches found
The vulnerability of the VDasher constructor in the Lottie playback library, related to data type conversion errors, allows attackers to access confidential data.
The vulnerability of the VDasher compiler’s Lottie animation playback library Rlottie is related to data type conversion errors. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data through a malicious animated sticker...
The vulnerability of the LottieParserImpl::parseDashProperty function in the Telegram Messenger messaging application allows a hacker to disclose protected information.
The vulnerability of the LottieParserImpl::parseDashProperty function in the instant messaging application Telegram Messenger is caused by a buffer overflow in the queue. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose sensitive information through the...
CVE-2021-31319
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious...
CVE-2021-31323
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via ...
CVE-2021-31318
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a...
UBUNTU-CVE-2021-31317
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated...
UBUNTU-CVE-2021-31318
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a...
PT-2021-19239 · Telegram +2 · Telegram Ios +4
Name of the Vulnerable Software and Affected Versions: Telegram Android versions prior to 7.1.0 2090 Telegram iOS versions prior to 7.1 Telegram macOS versions prior to 7.1 Description: The issue is related to an Integer Overflow in the LOTGradient::populate function of the custom fork of the...
PT-2020-6438 · Telegram +2 · Telegram Macos +4
Name of the Vulnerable Software and Affected Versions: Telegram Android versions 7.0 through 7.0 2090 Telegram iOS versions prior to 7.1 Telegram macOS versions prior to 7.1 Description: The issue is related to type confusion errors in the VDasher constructor of the custom rlottie library used fo...