An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository
{ "severity": "High", "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ] }