An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions.

Source