diff --git a/CVE-2024/CVE-2024-564xx/CVE-2024-56406.json b/CVE-2024/CVE-2024-564xx/CVE-2024-56406.json new file mode 100644 index 00000000000..87cbd04f710 --- /dev/null +++ b/CVE-2024/CVE-2024-564xx/CVE-2024-56406.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56406", + "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "published": "2025-04-13T14:15:14.527", + "lastModified": "2025-04-13T14:15:14.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A heap buffer overflow vulnerability was discovered in Perl. \n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n\u00a0 \u00a0$ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n\u00a0 \u00a0Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + }, + { + "url": "https://metacpan.org/release/SHAY/perl-5.38.4/changes", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + }, + { + "url": "https://metacpan.org/release/SHAY/perl-5.40.2/changes", + "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2c896ce939b..7988d4667c4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-13T14:00:19.794201+00:00 +2025-04-13T16:00:12.365169+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-13T12:15:15.713000+00:00 +2025-04-13T14:15:14.527000+00:00 ``` ### Last Data Feed Release @@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -289727 +289728 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `1` -- [CVE-2025-3423](CVE-2025/CVE-2025-34xx/CVE-2025-3423.json) (`2025-04-13T12:15:14.463`) -- [CVE-2025-3536](CVE-2025/CVE-2025-35xx/CVE-2025-3536.json) (`2025-04-13T12:15:15.533`) -- [CVE-2025-3537](CVE-2025/CVE-2025-35xx/CVE-2025-3537.json) (`2025-04-13T12:15:15.713`) +- [CVE-2024-56406](CVE-2024/CVE-2024-564xx/CVE-2024-56406.json) (`2025-04-13T14:15:14.527`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 26832ed8390..849a042f26b 100644 --- a/_state.csv +++ b/_state.csv @@ -276248,6 +276248,7 @@ CVE-2024-5638,0,0,4a64496852c4ee147220588b5d1940917ce749a1b3dd56d16a77a8cf3ed54b CVE-2024-5639,0,0,78123d59d6ff1062d5cdcc1456c84b89eb240e57bd822aee818d4edc5bb804e5,2024-11-21T09:48:04.290000 CVE-2024-5640,0,0,01c62801966d56f9308a985efd017779bd36dfe950ad675d920936fb65a56c1f,2024-11-21T09:48:04.440000 CVE-2024-56404,0,0,0922979315c1e629cdb1fe6a847df3905e5c41f9b68e7cd17dbd9ff65fcb7683,2025-01-24T18:15:31.883000 +CVE-2024-56406,1,1,8715d4d1e2b31527ada3383cbbbd5fbd5426ee4343214fe2e3fb775d85da74b0,2025-04-13T14:15:14.527000 CVE-2024-56408,0,0,afea4ec88a0c4f08d13a60e8ad60ee434ed5e10f4d4e8338b1f856c6e34cc00b,2025-01-03T19:15:12.533000 CVE-2024-56409,0,0,a43aa805ff701655a22fb4deb11b925e5e1108fad53ac1562d0e2d49e92fea52,2025-01-03T19:15:12.627000 CVE-2024-5641,0,0,2dd93bc7f72d9dace7fe09cc2f2eb2c7de91223a0269467571863f0c170a0712,2024-11-21T09:48:04.573000 @@ -289698,7 +289699,7 @@ CVE-2025-3417,0,0,e393b15114feb46d95f488ee34d16b125c38ee49e2798d5b216b189c39465c CVE-2025-3418,0,0,63bba6daa19cec7b3a858974cdad5389fd6e1545a0fd25df63a0f1a7ab755f94,2025-04-12T07:15:27.277000 CVE-2025-3421,0,0,f0b0f2fac32f095e78653a3f079907a85827a89faac1aa3c204f37fe09b5c50e,2025-04-11T15:39:52.920000 CVE-2025-3422,0,0,67da956b7a6b8167e42afa6b34d074d1413252f8ae249df1ac8fab6d91861e99,2025-04-11T15:39:52.920000 -CVE-2025-3423,1,1,a6759f640663e02a9d1450e602bbc4f2da4aa5dedf93fa1a1d3b9733354ac31d,2025-04-13T12:15:14.463000 +CVE-2025-3423,0,0,a6759f640663e02a9d1450e602bbc4f2da4aa5dedf93fa1a1d3b9733354ac31d,2025-04-13T12:15:14.463000 CVE-2025-3424,0,0,f161b96f7ead82573f94b591ee29deb4e0df9f8f7eb925f2312c3762b9a3484d,2025-04-10T16:15:29.207000 CVE-2025-3425,0,0,e4c4f45e6bc4a81a24ca597b6793799084263ef11e2d6bf0b3e7fb89e1bfca21,2025-04-10T16:15:29.350000 CVE-2025-3426,0,0,cedfa9c4f32fcdb1b955b9680fcf595688fe655ff45258ecaefd79f4661dc8ca,2025-04-10T16:15:29.460000 @@ -289724,5 +289725,5 @@ CVE-2025-3532,0,0,022dcfbac09a9d7714f7fba4a6d70ab148637d7bb3cd4719f4211cbd8a3455 CVE-2025-3533,0,0,0cada9eb2b89e8e5ee0d34a229046b7cd957c969be7bc124ac07eec0bba6657d,2025-04-13T10:15:14.287000 CVE-2025-3534,0,0,20343b4b05d17c17be3f7d93c0ea65769ab86b9e28ec78891f5e5aa199e5d86e,2025-04-13T11:15:13.950000 CVE-2025-3535,0,0,20a3ab890af5959bf399c00bc41734d4f07ba7d64b047586ccdbd8634b49ac47,2025-04-13T11:15:14.723000 -CVE-2025-3536,1,1,c31a1de3f48e2866d4013a055bf24fbc581deec3e1b5ce4c5cee10d21ff0252b,2025-04-13T12:15:15.533000 -CVE-2025-3537,1,1,036a9583ee863638698f20206157a90f24c493477fea72757dbca396641cb56c,2025-04-13T12:15:15.713000 +CVE-2025-3536,0,0,c31a1de3f48e2866d4013a055bf24fbc581deec3e1b5ce4c5cee10d21ff0252b,2025-04-13T12:15:15.533000 +CVE-2025-3537,0,0,036a9583ee863638698f20206157a90f24c493477fea72757dbca396641cb56c,2025-04-13T12:15:15.713000