Platform
gitlab
Component
gitlab
Fixed in
18.1.6
18.2.6
18.3.2
CVE-2025-6454 is a Server-Side Request Forgery (SSRF) vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). An authenticated user can craft specific sequences that cause the GitLab server itself to issue requests it was never meant to make, potentially reaching internal resources that are not exposed to the outside. Consistent with the fixed releases listed above, the affected ranges are 16.11 up to but not including 18.1.6, 18.2 up to but not including 18.2.6, and 18.3 up to but not including 18.3.2; the fixes shipped in 18.1.6, 18.2.6 and 18.3.2.
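The affected ranges above are split across three minor series, which makes a by-eye comparison error-prone. The following is an added example (not GitLab's code or part of the advisory) that encodes those ranges and decides whether a given version string, as returned in the `version` field of `GET /api/v4/version`, is affected. The version strings and the `recommended_fix` helper are this example's own; the range boundaries are the ones stated on this page.

```python
"""Affectedness check for CVE-2025-6454 (added example, not GitLab's code).

Affected, per the advisory on this page:
  >= 16.11 and < 18.1.6   (every 16.11.x, 17.x and 18.0.x release has no fix in-series)
  18.2.x  < 18.2.6
  18.3.x  < 18.3.2
Input is a GitLab version string such as "18.2.4-ee" or "17.11.3".
"""
import re
import sys
from typing import Tuple

Version = Tuple[int, int, int]

# Fixed releases listed on this page, keyed by their minor series.
FIXED = {
    (18, 1): (18, 1, 6),
    (18, 2): (18, 2, 6),
    (18, 3): (18, 3, 2),
}
FIRST_AFFECTED: Version = (16, 11, 0)
FIRST_SERIES_WITH_FIX = (18, 1)  # series older than this never received an in-series fix

# Accepts "MAJOR.MINOR", "MAJOR.MINOR.PATCH" and an optional "-ee"/"-ce"/"-rc1" suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-.*)?$")


def parse_version(s: str) -> Version:
    """Turn '18.3.2-ee' into (18, 3, 2); raise ValueError on anything unexpected."""
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {s!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the advisory's affected ranges."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return False
    series = v[:2]
    if series in FIXED:
        return v < FIXED[series]
    # 16.11 .. 18.0: affected, no patched release exists in those series.
    # 18.4 and later: released after the fix, not in any affected range.
    return series < FIRST_SERIES_WITH_FIX


def recommended_fix(version: str) -> str:
    """Lowest listed release that closes the hole for this version's series.

    Hypothetical helper: for series without an in-series fix it names the
    lowest fixed release overall; any newer fixed release is equally valid.
    """
    v = parse_version(version)
    target = FIXED.get(v[:2], min(FIXED.values()))
    return "{}.{}.{}".format(*target)


if __name__ == "__main__":
    for arg in sys.argv[1:] or ["18.2.4-ee"]:
        state = "AFFECTED, upgrade to >= " + recommended_fix(arg) if is_affected(arg) else "not affected"
        print(f"{arg}: {state}")
```

Run it with the version string from your instance, for example `python3 check.py "$(curl -s -H "PRIVATE-TOKEN: $TOKEN" https://gitlab.example.com/api/v4/version | jq -r .version)"`. Note that 18.0.x is affected even though it is "newer" than 16.11: the first series to receive a fix is 18.1, so anything from 16.11 through 18.0 has to move to 18.1.6 or later.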
An attacker with an ordinary authenticated GitLab account could use this flaw to make the GitLab server send requests to services that are reachable from that server but not from the internet: internal APIs, databases, administrative interfaces, or any other system on the same network. The impact ranges from information disclosure (responses from internal endpoints, internal configuration or data) to a foothold for further movement if a reachable internal service is itself vulnerable or trusts requests from the GitLab host. The blast radius is bounded by what the GitLab server can reach over the network, which in many deployments is a great deal. The underlying lesson is the usual one for SSRF: validate the destination of every server-initiated request (resolve the hostname and reject loopback, private, link-local and other non-routable addresses) and back that up with network-level restrictions on where the server may connect.
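The destination validation the paragraph above calls for is easy to get wrong, so here is an added example (not GitLab's code, and not how the fix for this CVE was implemented) of a destination check of the kind that blocks requests toward internal services. It resolves the hostname first and checks every returned address, because checking the hostname string alone, or only the first answer, leaves loopback, private, link-local and instance-metadata destinations reachable through DNS. The resolver is injected so the example runs offline against a constructed DNS table; in production you would pass a function built on `socket.getaddrinfo`. All hostnames and addresses below are constructed for the example.

```python
"""Resolve-then-classify destination check against SSRF (added example).

Not GitLab's code. Rejects any URL whose host resolves to (or is a literal)
loopback, private, link-local, multicast, reserved or unspecified address,
including IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1.
"""
import ipaddress
from typing import Callable, List, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], List[str]]

ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS table standing in for a real resolver (hypothetical names,
# arbitrary public addresses chosen for the example).
FAKE_DNS = {
    "hooks.example.com": ["8.8.8.8"],
    "localtest.example": ["127.0.0.1"],            # resolves straight to loopback
    "rebind.example": ["1.1.1.1", "10.0.0.5"],      # one public answer, one private
    "meta.example": ["169.254.169.254"],           # cloud metadata address via DNS
}


def fake_resolve(host: str) -> List[str]:
    """Offline stand-in for socket.getaddrinfo; unknown names raise like NXDOMAIN."""
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise OSError(f"cannot resolve {host!r}")


def is_internal_address(ip: IPAddress) -> bool:
    """True for any address a webhook or integration must never be allowed to reach."""
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so it is classified as its IPv4 form.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (
        ip.is_loopback
        or ip.is_private      # RFC 1918, fc00::/7 and other non-public ranges
        or ip.is_link_local   # 169.254.0.0/16 incl. 169.254.169.254, fe80::/10
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified
    )


def resolved_targets(url: str, resolve: Resolver) -> List[IPAddress]:
    """Every address the request could actually go to; raises on bad input."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.hostname:
        raise ValueError(f"unsupported scheme or missing host in {url!r}")
    host = parts.hostname  # urlsplit already strips userinfo, port and [] around IPv6
    try:
        return [ipaddress.ip_address(host)]  # literal address, no lookup needed
    except ValueError:
        pass
    # Decimal ("2130706433") and hex ("0x7f000001") host forms are not valid literals
    # for ipaddress but some libc resolvers accept them; resolving first catches that.
    return [ipaddress.ip_address(a) for a in resolve(host)]


def is_safe_destination(url: str, resolve: Resolver = fake_resolve) -> bool:
    """Allow the request only if the URL parses and *all* resolved addresses are public."""
    try:
        targets = resolved_targets(url, resolve)
    except (ValueError, OSError):
        return False
    return bool(targets) and not any(is_internal_address(t) for t in targets)
```

One caveat that the check itself cannot solve: if the HTTP client resolves the hostname a second time when it connects, an attacker-controlled DNS record can answer with a public address during validation and a private one afterwards (DNS rebinding). Connect to the address that was validated, or give the client a resolver that pins the answer, rather than re-resolving. Network-level egress controls on the GitLab host are the backstop for the cases a code check misses.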
CVE-2025-6454 was publicly disclosed on 2025-09-12. No public proof-of-concept (PoC) code had been released at the time of writing; SSRF issues of this kind are frequently reproduced once the fix is public, so the absence of a PoC should not delay patching. The vulnerability is not currently listed in the CISA KEV catalog. The CVSS score of 8.5 (HIGH) reflects the fact that a low-privileged authenticated account suffices, and organizations should prioritize remediation.
Exploit Status
EPSS
0.02% (3rd percentile)
The primary mitigation for CVE-2025-6454 is to upgrade GitLab to a fixed release: 18.1.6, 18.2.6 or 18.3.2, depending on which series you run, or anything later. If an immediate upgrade is not feasible, reduce what a forged request can reach rather than trying to spot the request on the way in: a WAF sees inbound traffic and is the wrong tool for this. Restrict outbound connections from the GitLab host at the network layer (host firewall, security groups, or an egress proxy with an allowlist) so that it can only reach the destinations it legitimately needs, and deny loopback, RFC 1918, link-local and cloud metadata addresses by default. Review GitLab's own outbound-request settings in the Admin Area (Settings > Network > Outbound requests) and keep requests to the local network from webhooks and integrations disabled unless a specific allowlisted address is required; this is general hardening and is not claimed here to close this particular issue. Tighten access controls so that only users who need it hold accounts or project-level permissions, since any authenticated user can attempt this. Monitor GitLab and egress-proxy logs for connections from the GitLab host to internal addresses that it has no business contacting.
After upgrading, confirm the running version with `GET /api/v4/version` (or `sudo gitlab-rake gitlab:env:info` on an Omnibus install) and check that it is at or above the fixed release for your series. No public reproduction steps exist for this issue, so version verification, not a self-made exploit attempt, is the practical check.
CVE-2025-6454 is a HIGH severity SSRF vulnerability affecting GitLab CE/EE from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2, allowing authenticated users to make the server issue unintended internal requests.
You are affected if you are running GitLab CE or EE 16.11 or later and have not yet reached the fixed release for your series (18.1.6, 18.2.6 or 18.3.2).
Upgrade GitLab to 18.1.6, 18.2.6, 18.3.2 or later. If an immediate upgrade isn't possible, restrict outbound connections from the GitLab host to internal addresses as a temporary workaround.
While no active exploitation has been confirmed, the SSRF nature of the vulnerability suggests potential for exploitation.
Refer to the official GitLab security advisory for CVE-2025-6454 on the GitLab website.