The host is installed with GitLab EE 12.0 before 14.10.5, 15.0 before 15.0.4 or 15.1 before 15.1.1 and is prone to an information exposure vulnerability. A flaw is present in the application, which fails to properly handle issues in unspecified vectors. Successful exploitation could allows an attacker with the appropriate access tokens to obtain CI variables in a group with using IP-based access restrictions even if the GitLab Runner is calling from outside the allowed IP range.