CVE 2021-39900

Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.

See the CVE page on Mitre.org for more details.