CVE 2021-22198
An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects.
See the
CVE page on Mitre.org
for more details.