This vulnerability allows unauthorized viewing of private repository details, including the NWO (Namespace With Owner), through improper access in the internal LFS API. Exploiting this flaw could expose sensitive data tied to repository deployment keys, compromising repository security.
https://hackerone.com/reports/2469713