An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.
https://gitlab.com/gitlab-org/gitlab-ce/issues/56402
https://about.gitlab.com/blog/categories/releases/
https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/