CVE-2021-41861
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-41861
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41861.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-41861
- Published
- 2021-10-04T03:15:16.787Z
- Modified
- 2025-11-14T11:03:32.007358Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted (on both the sender and recipient sides). The images are still present in the /Storage/Emulated/0/Telegram/Telegram Image/ directory.
- References
-
- https://desktop.telegram.org/changelog#v-2-6-23-02-21
- https://habr.com/ru/post/580582/
- https://pikabu.ru/story/konfidentsialnost_polzovateley_telegram_snova_narushena_predstaviteli_messendzhera_trebuyut_ne_raskryivat_podrobnostey_8511495
- https://telegram.org/blog/autodelete-inv2/ru#avtomaticheskoe-udalenie-soobschenii
Affected packages
Git / github.com/drklo/telegram
Affected ranges
- Type
- GIT
- Repo
- https://github.com/drklo/telegram
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
release-5.*
release-5.13.0_1818
release-5.13.0_1819
release-5.13.0_1820
release-5.13.0_1821
release-5.13.0_1823
release-5.13.1_1826
release-5.13.1_1829
release-5.14.0_1846
release-5.14.0_1849
release-5.14.0_1851
release-5.15.0_1864
release-5.15.0_1866
release-5.15.0_1867
release-5.15.0_1868
release-5.15.0_1869
release-6.*
release-6.0.0_1908
release-6.0.1_1910
release-6.0.1_1911
release-6.1.0_1938
release-6.1.0_1940
release-6.1.0_1941
release-6.1.1_1945
release-6.1.1_1946
release-6.2.0_1984
release-6.2.0_1985
release-6.2.0_1986
release-6.2.0_1988
release-6.3.0_2040
release-6.3.0_2042
release-7.*
release-7.0.0_2060
release-7.0.0_2061
release-7.0.0_2064
release-7.0.1_2065
release-7.1.0_2090
release-7.1.0_2092
release-7.1.1_2094
release-7.1.1_2096
release-7.1.2_2098
release-7.1.3_2100
release-7.1.3_2103
release-7.2.0_2128
release-7.2.0_2134
release-7.2.1_2135
release-7.2.1_2136
release-7.2.1_2137
release-7.2.1_2139
release-7.3.0_2195
release-7.3.0_2196
release-7.3.0_2197
release-7.3.0_2206
release-7.4.0_2221
release-7.4.0_2223
release-7.4.1_2225
release-7.4.2_2227
release-7.5.0_2243
release-7.5.0_2244
release-7.5.0_2245
release-7.5.0_2246
release-7.6.0_2264
release-7.6.1_2274
release-7.7.0_2284
release-7.7.1_2291
release-7.7.2_2293
release-7.8.0_2360