{"id":"CVE-2016-10351","details":"Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows local users to obtain sensitive authentication information via standard filesystem operations.","modified":"2026-04-10T03:47:27.657452Z","published":"2017-05-01T01:59:00.263Z","references":[{"type":"WEB","url":"https://github.com/telegramdesktop/tdesktop/pull/3842/commits/388703b9ca1912a5438e37f9dd54c35805f2c594"},{"type":"FIX","url":"https://github.com/telegramdesktop/tdesktop/issues/2666"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/telegramdesktop/tdesktop","events":[{"introduced":"0"},{"last_affected":"802349d04229e579a356bed8eafd7fd0943cf99d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.10.19"}]}}],"versions":["v0.10.1","v0.10.14","v0.10.15","v0.10.16","v0.10.18","v0.10.19","v0.10.2","v0.10.4","v0.10.5","v0.10.6","v0.5.0","v0.5.1","v0.5.11","v0.5.12","v0.5.13","v0.5.14","v0.5.15","v0.5.16","v0.5.17","v0.5.18","v0.5.19","v0.5.20","v0.5.21","v0.5.6","v0.5.7","v0.5.8","v0.5.9","v0.6.0","v0.6.1","v0.6.10","v0.6.11","v0.6.13","v0.6.14","v0.6.17","v0.6.18","v0.6.19","v0.6.2","v0.6.20","v0.6.21","v0.6.3","v0.6.4","v0.6.6","v0.6.7","v0.6.8","v0.6.9","v0.7.0","v0.7.1","v0.7.10","v0.7.11","v0.7.12","v0.7.13","v0.7.14","v0.7.15","v0.7.16","v0.7.17","v0.7.18","v0.7.2","v0.7.20","v0.7.21","v0.7.22","v0.7.23","v0.7.24","v0.7.25","v0.7.26","v0.7.3","v0.7.4","v0.7.5","v0.7.6","v0.7.7","v0.7.9","v0.8.0","v0.8.1","v0.8.10","v0.8.11","v0.8.12","v0.8.14","v0.8.15","v0.8.16","v0.8.17","v0.8.18","v0.8.19","v0.8.2","v0.8.21","v0.8.22","v0.8.23","v0.8.24","v0.8.25","v0.8.26","v0.8.27","v0.8.28","v0.8.29","v0.8.3","v0.8.30","v0.8.31","v0.8.32","v0.8.33","v0.8.34","v0.8.35","v0.8.38","v0.8.39","v0.8.40","v0.8.41","v0.8.42","v0.8.43","v0.8.44","v0.8.45","v0.8.48","v0.8.49","v0.8.5","v0.8.50","v0.8.51","v0.8.52","v0.8.53","v0.8.54","v0.8.55","v0.8.58","v0.8.59","v0.8.7","v0.8.8","v0.8.9","v0.9.0","v0.9.1","v0.9.11","v0.9.12","v0.9.13","v0.9.14","v0.9.19","v0.9.2","v0.9.20","v0.9.21","v0.9.22","v0.9.23","v0.9.24","v0.9.27","v0.9.28","v0.9.29","v0.9.3","v0.9.30","v0.9.31","v0.9.34","v0.9.35","v0.9.36","v0.9.43","v0.9.45","v0.9.46","v0.9.49","v0.9.50","v0.9.51","v0.9.56","v0.9.57","v0.9.6","v0.9.7","v0.9.8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10351.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}