{"vulnerability": "CVE-2022-3018", "sightings": [{"uuid": "be1118ee-2a21-447d-99ba-1edbb073e217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30187", "type": "seen", "source": "https://msrc.microsoft.com/blog/2022/07/mitigation-for-azure-storage-sdk-client-side-encryption-padding-oracle-vulnerability/", "content": "", "creation_timestamp": "2022-07-18T05:00:00.000000Z"}, {"uuid": "af65126a-9f17-42cf-a319-54a8d7f02e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3018", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3018\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.\n\ud83d\udccf Published: 2022-10-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T14:36:20.373Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/360938\n2. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3018.json", "creation_timestamp": "2025-05-07T15:22:50.000000Z"}, {"uuid": "62a08a31-eb88-44f3-a0e4-24d7c8d41ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3018", "type": "seen", "source": "https://t.me/cibsecurity/52210", "content": "\u203c CVE-2022-3018 \u203c\n\nAn information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T18:34:27.000000Z"}, {"uuid": "f0488d9a-6b33-4369-90e6-541061a8dcc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30187", "type": "seen", "source": "https://t.me/cibsecurity/46123", "content": "\u203c CVE-2022-30187 \u203c\n\nAzure Storage Library Information Disclosure Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T02:25:48.000000Z"}, {"uuid": "e7c26a79-e2eb-4a40-9c85-fac54c01844b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30184", "type": "seen", "source": "https://t.me/cibsecurity/44586", "content": "\u203c CVE-2022-30184 \u203c\n\n.NET and Visual Studio Information Disclosure Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T02:26:51.000000Z"}, {"uuid": "8b74bcdc-3de9-40e0-bbdd-065ed3d6e9b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30180", "type": "seen", "source": "https://t.me/cibsecurity/44591", "content": "\u203c CVE-2022-30180 \u203c\n\nAzure RTOS GUIX Studio Information Disclosure Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T02:26:57.000000Z"}, {"uuid": "8186f854-9272-4dc3-a9b2-0ccd65fe848a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30189", "type": "seen", "source": "https://t.me/cibsecurity/44599", "content": "\u203c CVE-2022-30189 \u203c\n\nWindows Autopilot Device Management and Enrollment Client Spoofing Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T02:27:08.000000Z"}]}