GitLab is a web-based Git repository manager with wiki and issue-tracking features. GitLab is similar to GitHub, but GitLab has an open-source version, unlike GitHub.

GitLab

NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

GitLab Enterprise is a self-hosted, scalable, and secure platform that provides DevOps and CI/CD capabilities for software development teams. It offers advanced features, integrations, and support for organizations requiring enhanced collaboration and security. GitLab Enterprise is available in two tiers: Premium and Ultimate.

Gitlab Enterprise

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP address restrictions were configured.

CVE-2022-1983:
GitLab vulnerability analysis and mitigation

Overview

Technical details

Impact

Mitigation and workarounds

Additional resources

4.3

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2022-1983: GitLab vulnerability analysis and mitigation