{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47116", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-30T19:57:51.674Z", "datePublished": "2024-01-31T16:21:50.793Z", "dateUpdated": "2025-06-17T21:29:19.276Z"}, "containers": {"cna": {"title": "Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r"}, {"name": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64"}, {"name": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0"}], "affected": [{"vendor": "HumanSignal", "product": "label-studio", "versions": [{"version": "< 1.11.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-31T16:21:50.793Z"}, "descriptions": [{"lang": "en", "value": "Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack."}], "source": {"advisory": "GHSA-p59w-9gqw-wj8r", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:01:22.711Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r"}, {"name": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64"}, {"name": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47116", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-01-31T20:33:12.634033Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T21:29:19.276Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "name": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "name": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:01:22.711Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47116", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-01-31T20:33:12.634033Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T21:22:56.157Z"}}], "cna": {"title": "Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections", "source": {"advisory": "GHSA-p59w-9gqw-wj8r", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "HumanSignal", "product": "label-studio", "versions": [{"status": "affected", "version": "< 1.11.0"}]}], "references": [{"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "name": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "name": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-31T16:21:50.793Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47116", "state": "PUBLISHED", "dateUpdated": "2025-06-17T21:29:19.276Z", "dateReserved": "2023-10-30T19:57:51.674Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-01-31T16:21:50.793Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "27567917-A7FB-4767-B9F6-6C8D422D62E7", "versionEndExcluding": "1.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack."}, {"lang": "es", "value": "Label Studio es una popular herramienta de etiquetado de datos de c\u00f3digo abierto. La vulnerabilidad afecta a todas las versiones de Label Studio anteriores a la 1.11.0 y se prob\u00f3 en la versi\u00f3n 1.8.2. Las protecciones SSRF de Label Studio que se pueden habilitar configurando la variable de entorno `SSRF_PROTECTION_ENABLED` se pueden omitir para acceder a los servidores web internos. Esto se debe a que la validaci\u00f3n SSRF actual se realiza ejecutando una \u00fanica b\u00fasqueda de DNS para verificar que la direcci\u00f3n IP no est\u00e9 en un rango de subred excluido. Esta protecci\u00f3n se puede omitir utilizando la redirecci\u00f3n HTTP o realizando un ataque de vinculaci\u00f3n de DNS."}], "id": "CVE-2023-47116", "lastModified": "2024-11-21T08:29:48.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-31T17:15:13.370", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.11.0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}