From f6e53dceceba1ce4e08c2e32b9631b3cd37450f8 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Wed, 2 Aug 2023 08:00:31 +0000
Subject: [PATCH] Auto-Update: 2023-08-02T08:00:28.265292+00:00
---
 CVE-2022/CVE-2022-24xx/CVE-2022-2416.json | 43 ++++++++++++++++++
 CVE-2023/CVE-2023-40xx/CVE-2023-4011.json | 55 +++++++++++++++++++++++
 README.md | 14 +++---
 3 files changed, 105 insertions(+), 7 deletions(-)
 create mode 100644 CVE-2022/CVE-2022-24xx/CVE-2022-2416.json
 create mode 100644 CVE-2023/CVE-2023-40xx/CVE-2023-4011.json
diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2416.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2416.json
new file mode 100644
index 00000000000..854b0a0a71f
--- /dev/null
+++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2416.json
@@ -0,0 +1,43 @@
+{
+ "id": "CVE-2022-2416",
+ "sourceIdentifier": "security@octopus.com",
+ "published": "2023-08-02T06:15:10.140",
+ "lastModified": "2023-08-02T06:15:10.140",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security@octopus.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "LOW",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.1,
+ "impactScore": 3.4
+ }
+ ]
+ },
+ "references": [
+ {
+ "url": "https://advisories.octopus.com/post/2023/sa2023-11/",
+ "source": "security@octopus.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4011.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4011.json
new file mode 100644
index 00000000000..db2dd9e9d80
--- /dev/null
+++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4011.json
@@ -0,0 +1,55 @@
+{
+ "id": "CVE-2023-4011",
+ "sourceIdentifier": "cve@gitlab.com",
+ "published": "2023-08-02T06:15:11.523",
+ "lastModified": "2023-08-02T06:15:11.523",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which allows an attacker to spike the resource consumption resulting in DoS."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "cve@gitlab.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "LOW",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cve@gitlab.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-400"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/409367",
+ "source": "cve@gitlab.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 25acc145950..3c64cc6fca6 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2023-08-02T06:00:32.563438+00:00
+2023-08-02T08:00:28.265292+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2023-08-02T05:15:09.850000+00:00
+2023-08-02T06:15:11.523000+00:00
 ```
 ### Last Data Feed Release
@@ -29,21 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-221438
+221440
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `1`
+Recently added CVEs: `2`
-* [CVE-2023-4016](CVE-2023/CVE-2023-40xx/CVE-2023-4016.json) (`2023-08-02T05:15:09.850`)
+* [CVE-2022-2416](CVE-2022/CVE-2022-24xx/CVE-2022-2416.json) (`2023-08-02T06:15:10.140`)
+* [CVE-2023-4011](CVE-2023/CVE-2023-40xx/CVE-2023-4011.json) (`2023-08-02T06:15:11.523`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
-* [CVE-2023-25841](CVE-2023/CVE-2023-258xx/CVE-2023-25841.json) (`2023-08-02T05:15:09.557`)
 ## Download and Usage