Erruqill

**Name of the Vulnerable Software and Affected Versions** GitLab versions prior to 16.6.6 GitLab versions 16.7 prior to 16.7.4 GitLab versions 16.8 prior to 16.8.1 **Description** An issue has been discovered in GitLab that allows reading the user email address via tags feed, even though the visibility in the user profile has been disabled. This issue is related to information disclosure. Exploitation of this issue may allow a remote attacker to access confidential data. **Recommendations** For versions prior to 16.6.6, update to version 16.6.6 or later. For versions 16.7 prior to 16.7.4, update to version 16.7.4 or later. For versions 16.8 prior to 16.8.1, update to version 16.8.1 or later.