{"vulnerability": "CVE-2022-3286", "sightings": [{"uuid": "eb2e1aee-2968-4af4-b9c1-781fc09c358d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32860", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32860\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T18:36:46.347Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213345\n2. https://support.apple.com/en-us/HT213346\n3. https://support.apple.com/en-us/HT213344", "creation_timestamp": "2025-04-21T19:02:24.000000Z"}, {"uuid": "2f4ea49e-fe14-4fd5-bb0f-3120f747c44c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3286", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16171", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3286\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T15:45:08.979Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/363827\n2. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3286.json", "creation_timestamp": "2025-05-13T16:30:56.000000Z"}, {"uuid": "3696e696-ced2-423b-8113-3ee5d08723fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32860", "type": "seen", "source": "https://t.me/cibsecurity/54620", "content": "\u203c CVE-2022-32860 \u203c\n\nAn out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-15T22:23:48.000000Z"}, {"uuid": "d70dd5cf-9936-464a-bcdd-b102bc37a1cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3286", "type": "seen", "source": "https://t.me/cibsecurity/51610", "content": "\u203c CVE-2022-3286 \u203c\n\nLack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:28.000000Z"}]}