Auto-Update: 2023-09-30T10:00:24.920815+00:00

2025-07-11 16:13:34 +00:00 · 2023-09-30 10:00:28 +00:00 · 2023-09-30 10:00:28 +00:00 · b3eaf117ef
commit b3eaf117ef
parent b60416ccd4
2 changed files with 68 additions and 7 deletions
--- a/CVE-2023/CVE-2023-52xx/CVE-2023-5207.json
+++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5207.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-5207",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2023-09-30T09:15:14.933",
+  "lastModified": "2023-09-30T09:15:14.933",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@gitlab.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@gitlab.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604",
+      "source": "cve@gitlab.com"
+    },
+    {
+      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857",
+      "source": "cve@gitlab.com"
+    },
+    {
+      "url": "https://hackerone.com/reports/2174141",
+      "source": "cve@gitlab.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-09-30T08:00:25.401743+00:00
+2023-09-30T10:00:24.920815+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-09-30T06:15:11.483000+00:00
+2023-09-30T09:15:14.933000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-226656
+226657
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

-* [CVE-2023-5298](CVE-2023/CVE-2023-52xx/CVE-2023-5298.json) (`2023-09-30T06:15:11.483`)
+* [CVE-2023-5207](CVE-2023/CVE-2023-52xx/CVE-2023-5207.json) (`2023-09-30T09:15:14.933`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

-* [CVE-2023-20588](CVE-2023/CVE-2023-205xx/CVE-2023-20588.json) (`2023-09-30T06:15:09.310`)
-* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-09-30T06:15:10.963`)


 ## Download and Usage