5 matches found
The vulnerability of the VDasher constructor in the Lottie playback library, related to data type conversion errors, allows attackers to access confidential data.
The vulnerability of the VDasher compiler’s Lottie animation playback library Rlottie is related to data type conversion errors. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data through a malicious animated sticker...
UBUNTU-CVE-2021-31317
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated...
CVE-2021-31317
Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated...
Telegram 缓冲区错误漏洞
Telegram is an instant messaging mobile application. Telegram versions prior to 7.1.0 2090 for Android, 7.1 for iOS, and 7.1 for macOS are subject to a type obfuscation vulnerability in the custom derived VDasher constructor function of the rlottie library. An attacker can exploit this...
PT-2020-6438 · Telegram +2 · Telegram Macos +4
Name of the Vulnerable Software and Affected Versions: Telegram Android versions 7.0 through 7.0 2090 Telegram iOS versions prior to 7.1 Telegram macOS versions prior to 7.1 Description: The issue is related to type confusion errors in the VDasher constructor of the custom rlottie library used fo...