An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository
{ "binaries": [ { "binary_name": "gitlab", "binary_version": "8.5.8+dfsg-5" } ] }