CVE-2024-57435

Medium CVSS: 6.5

In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure.

Vendor

Macrozheng

Product

Mall-tiny

CWE

CWE-476

Yayın Tarihi

2025-01-31 22:15:13

Güncelleme

2025-04-22 15:27:10

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Mall-tiny MEDIUM Macrozheng 2025

Referanslar

https://github.com/peccc/restful_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md https://github.com/peccc/restful_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md

Benzer Kayıtlar

Critical

CVE-2026-25858

macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workf…

Medium

CVE-2025-15118

A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of th…

Medium

CVE-2025-14016

A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the…

Medium

CVE-2025-13443

A vulnerability was detected in macrozheng mall up to 1.0.3. Affected by this issue is the function delete of the file /…

Medium

CVE-2025-13117

A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability…

Medium

CVE-2025-13118

A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySu…