CVE-2021-22176

An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper access control allows demoted project members to access details on authored merge requests > MITRE Terms of Use apply – see LICENSE‑MITRE.txt