Rafiemon

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 8.9.6 and later **Description** An information disclosure issue in the GitLab CE/EE API allows a user to view basic information about private groups that a public project has been shared with. **Recommendations** For GitLab CE/EE versions 8.9.6 and later, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to the API endpoint that handles project sharing to minimize the risk of exploitation.