From 41f6aa73316db7f09f41fc883d7d44c49d8e3e6b Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Thu, 2 Jan 2025 04:10:21 +0000 Subject: [PATCH] 1 changes (1 new | 0 updated): - 1 new CVEs: CVE-2024-56829 - 0 updated CVEs: --- cves/2024/56xxx/CVE-2024-56829.json | 70 +++++++++++++++++++++++++++++ cves/delta.json | 10 ++--- cves/deltaLog.json | 14 ++++++ 3 files changed, 89 insertions(+), 5 deletions(-) create mode 100644 cves/2024/56xxx/CVE-2024-56829.json diff --git a/cves/2024/56xxx/CVE-2024-56829.json b/cves/2024/56xxx/CVE-2024-56829.json new file mode 100644 index 000000000000..ca0f85dc50da --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56829.json @@ -0,0 +1,70 @@ +{ + "dataType": "CVE_RECORD", + "cveMetadata": { + "state": "PUBLISHED", + "cveId": "CVE-2024-56829", + "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "assignerShortName": "mitre", + "dateUpdated": "2025-01-02T04:02:01.127Z", + "dateReserved": "2025-01-02T00:00:00", + "datePublished": "2025-01-02T00:00:00" + }, + "containers": { + "cna": { + "affected": [ + { + "product": "n/a", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "n/a" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx." + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-434", + "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "shortName": "mitre", + "dateUpdated": "2025-01-02T04:02:01.127Z" + }, + "references": [ + { + "url": "https://github.com/Zerone0x00/CVE/blob/main/%E9%BB%84%E8%8D%AF%E5%B8%88%E8%8D%AF%E4%B8%9A%E7%AE%A1%E7%90%86%E8%BD%AF%E4%BB%B6/UploadFile%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md" + } + ], + "x_generator": { + "engine": "enrichogram 0.0.1" + }, + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + } + } + ] + } + }, + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/cves/delta.json b/cves/delta.json index b23e09712930..c6e6c3fbd037 100644 --- a/cves/delta.json +++ b/cves/delta.json @@ -1,12 +1,12 @@ { - "fetchTime": "2025-01-02T04:00:27.974Z", + "fetchTime": "2025-01-02T04:10:07.385Z", "numberOfChanges": 1, "new": [ { - "cveId": "CVE-2025-22214", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22214", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22214.json", - "dateUpdated": "2025-01-02T03:58:56.157Z" + "cveId": "CVE-2024-56829", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56829", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56829.json", + "dateUpdated": "2025-01-02T04:02:01.127Z" } ], "updated": [], diff --git a/cves/deltaLog.json b/cves/deltaLog.json index 2824728f2cc0..ac276b4dbf81 100644 --- a/cves/deltaLog.json +++ b/cves/deltaLog.json @@ -1,4 +1,18 @@ [ + { + "fetchTime": "2025-01-02T04:10:07.385Z", + "numberOfChanges": 1, + "new": [ + { + "cveId": "CVE-2024-56829", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56829", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56829.json", + "dateUpdated": "2025-01-02T04:02:01.127Z" + } + ], + "updated": [], + "error": [] + }, { "fetchTime": "2025-01-02T04:00:27.974Z", "numberOfChanges": 1,