CVE-2021-47793

NameCVE-2021-47793
DescriptionTelegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. Attackers can generate a 9 million byte buffer and paste it into the messaging interface to trigger an application crash.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
telegram-desktop (PTS)bullseye3.1.1+ds-1~deb11u2undetermined
bookworm4.6.5+ds-2undetermined
forky, sid5.7.2+ds-4undetermined

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
telegram-desktopsource(unstable)undetermined

Notes

https://www.exploit-db.com/exploits/50247
check
Search for package or bug name: Reporting problems