CVE-2018-17231

Name of the Vulnerable Software and Affected Versions Telegram Desktop (aka tdesktop) version 1.3.14

Description The issue might allow attackers to cause a denial of service, resulting in an assertion failure and application exit, via an "Edit color palette" search that triggers an "index out of range" condition. This issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary.

Recommendations For Telegram Desktop (aka tdesktop) version 1.3.14, as a temporary workaround, consider restricting the use of the "Edit color palette" feature until a patch is available. Avoid using the "Edit color palette" search function to minimize the risk of triggering the "index out of range" condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.