Hi @jyapur .
GitLab 13.5.4
Unfortunately your GitLab version (13.5.4) is vulnerable to CVE-2021-22205.
For more details, refer to:
If you run `ls -al /var/opt/gitlab/git-data/repositories/@hashed/*/*/*.git` on the GitLab server, do you see any suspicious files (e.g. files that end in `.locked` or `.html`)? If so, your server has likely been compromised and I encourage you to revert to a backup of GitLab data taken before this issue occurred.
See also:
Any user running a vulnerable version of GitLab should upgrade to a patched version as soon as possible, preferably the latest version of GitLab.
If upgrading immediately is not an option:
Mitigations & Workarounds
Hotpatch
Anyone running a vulnerable, public-facing GitLab self-managed instance unable to immediately upgrade to a patched version can apply a patch as a temporary hotfix. Applying this patch will change the relevant code to prevent further exploitation of the vulnerability.
The…
If this RCE vulnerability was exploited on your instance, it’s possible that abuse or malicious user access to the system may persist even after upgrading or patching GitLab.
Unfortunately, there is no one-size-fits-all solution or comprehensive checklist one can use to completely secure a server that has been compromised. GitLab recommends following your organization’s established incident response plan whenever possible.
The suggestions below may help mitigate the threat of further abuse or …
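The file check suggested in the reply above, as an added shell example that is not part of the original post: it lists `.locked` and `.html` files inside the `*.git` directories under GitLab's hashed storage. The sample tree it builds (including the 64-hex-digit repository name) is constructed for the demo, not taken from a real instance.

```shell
#!/bin/sh
# Added example, not from the original post: scan GitLab's hashed repository
# storage for the indicator files the reply names (*.locked, *.html) and list
# them. The tree built by make_sample_tree is constructed for the demo.

# Print every regular file ending in .locked or .html inside a *.git directory
# under ROOT/@hashed. Prints nothing (and does not fail) when ROOT is absent.
suspicious_files() {
    find "$1/@hashed" -type f -path '*.git/*' \
        \( -name '*.locked' -o -name '*.html' \) 2>/dev/null
}

# Print the number of suspicious files under ROOT (0 when none).
count_suspicious() {
    suspicious_files "$1" | wc -l | tr -d ' '
}

# Build a constructed repository tree that mimics GitLab's hashed storage
# layout (@hashed/xx/yy/<sha256>.git) with two indicator files and one
# ordinary Git file; prints the temporary root so callers can scan and remove it.
make_sample_tree() {
    root=$(mktemp -d)
    # The 64-hex-digit name below is a made-up placeholder, not a real project hash.
    repo="$root/@hashed/ab/cd/abcd0123abcd0123abcd0123abcd0123abcd0123abcd0123abcd0123abcd0123.git"
    mkdir -p "$repo/objects"
    printf 'ref: refs/heads/main\n' > "$repo/HEAD"   # ordinary Git file, not flagged
    : > "$repo/objects/pack.locked"                  # ransomware-style renamed file
    : > "$repo/README_TO_RESTORE.html"               # ransom-note style file
    echo "$root"
}

# Demo run against the constructed tree; expect two hits (pack.locked, README_TO_RESTORE.html).
sample=$(make_sample_tree)
echo "Constructed sample tree: $(count_suspicious "$sample") suspicious file(s)"
suspicious_files "$sample"
rm -rf "$sample"

# On a GitLab server, point the scan at the real storage path from the reply:
# suspicious_files /var/opt/gitlab/git-data/repositories
```

A hit list is only an indicator: an empty result does not prove the instance is clean, so the restore-from-backup and incident-response advice above still applies.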