Improper Control of Generation of Code ('Code Injection') in GitLab
Description
An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, and all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names, leading to incorrect representation in the UI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
GitLab CE/EE fails to double-encode file names containing percent-encoded characters, allowing UI misrepresentation and potential file integrity compromise.
Vulnerability
An issue in GitLab CE/EE's web interface handling of file names allows omission of double encoding when a file name contains percent-encoded characters such as %2f (representing /). This leads to incorrect representation of the file name and content in the UI. Affected versions are all from 16.3 before 16.4.4, all from 16.5 before 16.5.4, and all from 16.6 before 16.6.2 [1].
Exploitation
An attacker with write access to a repository can create a file with a name containing %2f (e.g., dir%2f__hello__.sh) and push it. When a victim views the file via GitLab's web interface, the file appears as if it resides in a subdirectory (dir/__hello__.sh) and displays the content of a different file (e.g., a benign file placed in the actual dir/ directory). The victim may be deceived into believing the file is safe [1].
Impact
Successful exploitation allows an attacker to compromise file integrity by making malicious content appear harmless in the UI. If the victim downloads and executes the file, arbitrary commands may be run on their system. The core impact is misrepresentation of file content, potentially leading to code execution [1].
Mitigation
GitLab has released fixed versions: 16.4.4, 16.5.4, and 16.6.2. Users should upgrade to these or later versions. No workaround is documented [1].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: >=16.3, <16.4.4; >=16.5, <16.5.4; >=16.6, <16.6.2
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing double-encoding of the `%` character in file names allows URL-encoded path separators to be decoded, causing the web interface to display incorrect file content."
Attack vector
An attacker creates a repository containing two files: a benign file inside a directory (e.g., `dir/__hello__.sh` with harmless content) and a second file whose name includes the URL-encoded path separator `%2f` (e.g., `dir%2f__hello__.sh` with malicious content). When a victim views the repository through GitLab's web interface, the `%2f` is decoded and the file is displayed as if it were the benign `dir/__hello__.sh` file, showing the harmless content. However, when the victim downloads or clones the repository, the file retains its actual name `dir%2f__hello__.sh` with the malicious content, which can execute arbitrary commands if run [ref_id=1].
Affected code
The vulnerability is in GitLab's web interface handling of file names containing URL-encoded characters. The issue is that when a file name includes `%2f` (the URL-encoded form of `/`), GitLab does not perform additional (double) encoding of the `%` character, causing the file name to be interpreted as a path separator rather than a literal character in the file name [ref_id=1].
What the fix does
The advisory recommends that GitLab implement additional character encoding, especially for the `%` character, in file names to ensure their correct representation and visualization on the web interface, along with proper validation of file names to prevent malicious manipulations [ref_id=1]. The fix was applied in GitLab versions 16.4.4, 16.5.4, and 16.6.2, which add proper double-encoding of file names containing percent-encoded characters so that the web interface displays the literal file name rather than interpreting encoded characters as path separators.
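The encoding discrepancy described in the two sections above, as an added illustration that is not GitLab's own code: `route_single_encoded` models the vulnerable behaviour (the name is decoded once on the way back from the URL, so a literal `%2f` turns into a path separator and resolves to the wrong blob), `route_double_encoded` models the fix (the `%` is escaped before the name enters the URL, so one decode returns the literal name), and `suspicious_names` is a defender-side check that flags repository paths whose literal text contains an encoded separator. The function names, the `SAMPLE_BLOBS` listing and its contents are constructed for this example.

```ruby
require 'erb'
require 'uri'

# Constructed sample of a repository tree (not real GitLab data): two blobs
# whose names collide once the "%2f" in the second one is decoded.
SAMPLE_BLOBS = [
  { name: 'dir/__hello__.sh',   content: 'echo "hello world"' },
  { name: 'dir%2f__hello__.sh', content: '# attacker-controlled content (constructed placeholder)' },
].freeze

# Vulnerable behaviour (hypothetical model of the unpatched UI): the file name
# is placed in the URL path without escaping '%', and decoded once on the way
# back, so the literal "%2f" in the name becomes "/".
def route_single_encoded(name)
  URI.decode_www_form_component(name)
end

# Hardened behaviour (model of the fix): escape '%' and other reserved
# characters before the name enters the URL, so a single decode yields the
# literal file name again.
def route_double_encoded(name)
  URI.decode_www_form_component(ERB::Util.url_encode(name))
end

# Look up the blob the UI would render for a given decoded name.
def resolve(blobs, decoded_name)
  blobs.find { |b| b[:name] == decoded_name }
end

# Detection: names whose literal text contains a percent-encoded path
# separator ("/" or "\"). On unpatched versions these are the entries whose
# UI representation can diverge from their on-disk name, so they are worth
# surfacing in a repository audit or a pre-receive check.
ENCODED_SEPARATOR = /%(2f|5c)/i
def suspicious_names(blobs)
  blobs.map { |b| b[:name] }.select { |n| n.match?(ENCODED_SEPARATOR) }
end

if $PROGRAM_NAME == __FILE__
  name = 'dir%2f__hello__.sh'
  puts "single-encoded route resolves to: #{resolve(SAMPLE_BLOBS, route_single_encoded(name))[:name]}"
  puts "double-encoded route resolves to: #{resolve(SAMPLE_BLOBS, route_double_encoded(name))[:name]}"
  puts "flagged names: #{suspicious_names(SAMPLE_BLOBS).inspect}"
end
```

Running the block shows the single-encoded route resolving `dir%2f__hello__.sh` to the benign `dir/__hello__.sh` blob, while the double-encoded route resolves it to itself; the detection helper flags only the name containing the encoded separator.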
Preconditions
- auth: Attacker must have the ability to create and push files to a GitLab repository
- input: Victim must view the repository through GitLab's web interface and then download/clone the repository
- input: The file name must contain %2f (URL-encoded forward slash) to exploit the encoding discrepancy
Reproduction
1. As a malicious user, create a new public repository on GitLab. Clone it, create a directory `dir`, and add a harmless file `dir/__hello__.sh` with content like `echo "hello world"`. Push this file.
2. Create a second file named `dir%2f__hello__.sh` with malicious content (e.g., `cat /etc/passwd`). Push this file.
3. As a victim, view the repository in GitLab's web interface: the `dir%2f__hello__.sh` file appears to show the harmless content.
4. Download or clone the repository and execute `dir%2f__hello__.sh`: the malicious content runs instead [ref_id=1].
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- hackerone.com/reports/2194607 (mitre; technical-description, exploit, permissions-required)
- gitlab.com/gitlab-org/gitlab/-/issues/427827 (mitre; issue-tracking, permissions-required)
News mentions
- GitLab Security Release: 16.6.2, 16.5.4, 16.4.4 (GitLab Security Releases, Dec 13, 2023)