CVE 2021-22167
An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository
See the 
CVE page on Mitre.org
for more details.
