CVE-2019-13009
GitLab Community and Enterprise Edition versions 9.2–12.0.2 have an Incorrect Access Control issue where uploaded files associated with unsaved personal snippets are accessible to unauthorized users. The root cause is improper permission settings. A security release (GitLab 12.0.3) addressed this...