3 matches found
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the KillAction and RestartAction API handlers when a log entry is created with a nil binding through StartActionByGet using an invalid action ID. An attacker can cause repeated server-side panics and disrupt...
GHSA-FWHJ-785H-43HH OliveTin has crash on NPE by calling APIs with invalid bindings or log references
Summary An unauthenticated attacker can trigger server-side panics by first creating an execution log entry with a nil binding via StartActionByGet invalid action ID, then calling KillAction or RestartAction on that tracking ID. This causes a nil-pointer dereference in API handlers and results in...
OliveTin has crash on NPE by calling APIs with invalid bindings or log references
Summary An unauthenticated attacker can trigger server-side panics by first creating an execution log entry with a nil binding via StartActionByGet invalid action ID, then calling KillAction or RestartAction on that tracking ID. This causes a nil-pointer dereference in API handlers and results in...