CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).