{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-3283","assignerOrgId":"ceab7361-8a18-47b1-92ba-4d7d25f6715a","assignerShortName":"GitLab","dateUpdated":"2025-05-13T15:46:08.723Z","dateReserved":"2022-09-23T00:00:00.000Z","datePublished":"2022-10-17T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"ceab7361-8a18-47b1-92ba-4d7d25f6715a","shortName":"GitLab","dateUpdated":"2022-10-17T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 While cloning an issue with special crafted content added to the description could have been used to trigger high CPU usage."}],"affected":[{"vendor":"GitLab","product":"GitLab","versions":[{"version":">=15.4, <15.4.1","status":"affected"},{"version":">=15.3, <15.3.4","status":"affected"},{"version":"<15.2.5","status":"affected"}]}],"references":[{"url":"https://hackerone.com/reports/1543718"},{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/361982"},{"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3283.json"}],"credits":[{"lang":"en","value":"Thanks legit-security(https://hackerone.com/legit-security) for reporting this vulnerability through our HackerOne bug bounty program"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Uncontrolled resource consumption in GitLab"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T01:07:06.465Z"},"title":"CVE Program Container","references":[{"url":"https://hackerone.com/reports/1543718","tags":["x_transferred"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/361982","tags":["x_transferred"]},{"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3283.json","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-400","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-13T15:45:58.265219Z","id":"CVE-2022-3283","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-13T15:46:08.723Z"}}]}}