{"vulnerability": "CVE-2023-0921", "sightings": [{"uuid": "46a26ca0-5a1a-442a-97f9-361a44baf17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0921", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/590", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0921\n\ud83d\udd39 Description: A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.\n\ud83d\udccf Published: 2023-06-06T00:00:00\n\ud83d\udccf Modified: 2025-01-07T21:51:37.372Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/392433\n2. https://hackerone.com/reports/1869839\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0921.json", "creation_timestamp": "2025-01-07T22:38:05.000000Z"}, {"uuid": "fbdf2ab3-7169-42a2-87ed-e5d024728af8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0921", "type": "seen", "source": "https://t.me/cibsecurity/65013", "content": "\u203c CVE-2023-0921 \u203c\n\nA lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-06T20:29:25.000000Z"}]}