CVE-2020-12474

Опубликовано: 01 мая 2020

Источник: debian

EPSS Низкий

Описание

Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
telegram-desktop	fixed	2.1.0+ds-1		package
telegram-desktop	no-dsa		buster	package

Примечания

https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474

EPSS

Процентиль: 73%

0.00795

Низкий

Связанные уязвимости

CVE-2020-12474

CVSS3: 6.5

ubuntu

почти 6 лет назад

Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.

CVE-2020-12474

CVSS3: 6.5

nvd

почти 6 лет назад

Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.

GHSA-mf6c-m6cw-6m7x

github

больше 3 лет назад

Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.

EPSS

Процентиль: 73%

0.00795

Низкий