Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-18T19:44:37
Updated: 2024-08-03T22:55:53.491Z
Reserved: 2021-04-15T00:00:00
Link: CVE-2021-31318
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-18T20:15:07.677
Modified: 2024-11-21T06:05:25.137
Link: CVE-2021-31318
Redhat
No data.