GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS import process could potentially be used to incorrectly access LFS objects not owned by the user.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-03-13
Page 42