Platform: gitlab
Component: gitlab
Fixed in: 16.9.7, 16.10.5, 16.11.2
CVE-2023-6195 is a Server Side Request Forgery (SSRF) vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). This vulnerability allows an attacker to potentially trigger unintended requests to internal or external resources by manipulating URLs within markdown image values during GitHub repository imports. Affected versions include GitLab CE/EE from 15.5 through 16.11.2, and 16.10 prior to 16.10.5. The vulnerability is resolved in version 16.11.2.
Successful exploitation of CVE-2023-6195 could allow an attacker to perform Server Side Request Forgery (SSRF) attacks within the GitLab environment. This means the GitLab server could be tricked into making requests to internal services or external websites that the attacker controls. While the vulnerability is rated LOW severity, it could still be leveraged to gather information about the internal network, potentially exposing sensitive data or internal services. An attacker could, for example, attempt to access internal APIs or databases that are not directly exposed to the internet. The blast radius is limited to the GitLab instance itself and any internal resources accessible through the SSRF vulnerability.
CVE-2023-6195 was publicly disclosed on January 30, 2025. There is no indication of active exploitation at this time. No public proof-of-concept (PoC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. The CVSS score of 2.6 reflects both the relatively low impact and the difficulty of exploitation.
Organizations using GitLab CE/EE versions between 15.5 and 16.11.2, particularly those that frequently import GitHub repositories, are at risk. Teams relying on GitLab for code management and collaboration should prioritize patching to mitigate this SSRF vulnerability.
• linux / server: journalctl -u gitlab | grep -i "ssrf"
• generic web: curl -I <gitlab_url>/<potentially_malicious_markdown_image_url>
• ruby: Examine GitLab source code for instances where markdown image URLs are processed without proper sanitization. Look for patterns involving URI.parse or similar functions.
disclosure
Exploit status
EPSS
0.05% (17th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2023-6195 is to upgrade GitLab CE/EE to version 16.11.2 or later. If an immediate upgrade is not feasible, consider implementing stricter input validation on markdown image URLs to prevent malicious URLs from being processed. Web Application Firewalls (WAFs) configured to detect and block SSRF attempts can also provide an additional layer of defense. Review GitLab's security documentation for further hardening recommendations. After upgrading, confirm the fix by attempting a GitHub repository import with a known malicious URL and verifying that the request is blocked or sanitized.
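As an added illustration of the "stricter input validation on markdown image URLs" workaround mentioned above, here is a small Ruby validator written for this page; it is example code, not GitLab's own implementation and not the upstream fix. It accepts only http(s) URLs, rejects embedded credentials and localhost, and rejects any host that is an IP literal in, or resolves to, a loopback, link-local, private or otherwise non-public range, which is the standard SSRF mitigation for server-side fetches. The function name `validate_image_url`, the `BLOCKED_RANGES` list and the in-memory `DEFAULT_RESOLVER` are assumptions of the example so that it runs offline; production code would resolve hostnames with `Resolv` and re-run the check on every redirect target.

```ruby
require "uri"
require "ipaddr"

# Address ranges a server-side fetcher should never be pointed at
# (loopback, link-local, RFC 1918, CGNAT, IPv6 ULA/link-local, v4-mapped v6).
# The list is an assumption of this example, not GitLab's own configuration.
BLOCKED_RANGES = %w[
  0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12
  192.168.0.0/16 100.64.0.0/10 ::1/128 fc00::/7 fe80::/10 ::ffff:0:0/96
].map { |cidr| IPAddr.new(cidr) }

def blocked_address?(ip)
  # IPAddr#include? returns false across address families, so mixed
  # IPv4/IPv6 comparisons are safe here.
  BLOCKED_RANGES.any? { |range| range.include?(ip) }
end

# Constructed stand-in for DNS so the example runs offline. Real code would
# call Resolv.getaddresses(host) and check every returned address.
DEFAULT_RESOLVER = lambda do |host|
  { "example.com" => ["93.184.216.34"] }.fetch(host, [])
end

# Validates a markdown image URL before the server fetches it.
# Returns [:ok, uri] when the URL is safe to fetch, otherwise [:rejected, reason].
def validate_image_url(raw, resolver: DEFAULT_RESOLVER)
  uri = URI.parse(raw.to_s.strip)

  # Only plain web schemes; file:, gopher:, javascript: etc. are never images we fetch.
  return [:rejected, "scheme not allowed"] unless %w[http https].include?(uri.scheme)
  return [:rejected, "userinfo not allowed"] if uri.userinfo

  # URI#hostname strips the [] around IPv6 literals, unlike URI#host.
  host = uri.hostname
  return [:rejected, "missing host"] if host.nil? || host.empty?
  return [:rejected, "localhost not allowed"] if host == "localhost" || host.end_with?(".localhost")

  # An IP literal is checked directly; a hostname is resolved and every
  # address it maps to must be public.
  addresses =
    begin
      [IPAddr.new(host)]
    rescue IPAddr::InvalidAddressError
      resolver.call(host).map { |a| IPAddr.new(a) }
    end
  return [:rejected, "unresolvable host"] if addresses.empty?
  return [:rejected, "non-public address"] if addresses.any? { |ip| blocked_address?(ip) }

  [:ok, uri]
rescue URI::InvalidURIError
  [:rejected, "malformed url"]
end

if __FILE__ == $PROGRAM_NAME
  %w[
    https://example.com/logo.png
    http://127.0.0.1:8080/admin
    http://[::1]/
    http://localhost/x
    file:///etc/passwd
  ].each { |u| puts "#{u} => #{validate_image_url(u).inspect}" }
end
```

The resolver check matters because an attacker-controlled hostname can be pointed at an internal address after the URL text looks harmless; validating the string alone is not enough, and the same check has to be applied to every redirect the fetcher follows.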
Update GitLab to version 16.9.7, 16.10.5 or 16.11.2, or to a later version that contains the fix for the SSRF vulnerability. This prevents attackers from exploiting the vulnerability through malicious URLs in Markdown images when importing GitHub repositories.
CVE-2023-6195 is a Server Side Request Forgery vulnerability in GitLab CE/EE affecting versions 15.5–16.11.2. It allows attackers to trigger unintended requests via malicious URLs in markdown image values during GitHub repository imports.
You are affected if you are running GitLab CE/EE versions 15.5 through 16.11.2, or 16.10 prior to 16.10.5. Upgrade to 16.11.2 or later to resolve the issue.
Upgrade GitLab CE/EE to version 16.11.2 or later. Consider implementing stricter input validation on markdown image URLs as a temporary workaround.
There is currently no indication of active exploitation of CVE-2023-6195.
Refer to the official GitLab security advisory for CVE-2023-6195: [https://gitlab.com/security/advisories/CVE-2023-6195](https://gitlab.com/security/advisories/CVE-2023-6195)