FlagThis

CyberSecurity updates
2025-01-30 09:49:36 Pacfic
Pierluigi Paganini @ Security Archives
Git Credential Exposure Vulnerabilities - 2d
Read more: securityaffairs.com

Multiple vulnerabilities have been discovered in Git and its related tools, posing a risk to user credentials. These flaws stem from the improper handling of message delimiters within the Git Credential Protocol, impacting tools such as GitHub Desktop, Git Credential Manager, Git LFS, GitHub CLI, and GitHub Codespaces. This improper handling allows malicious actors to craft URLs with injected carriage return or newline characters, leading to credential leaks. Specifically, vulnerabilities like CVE-2025-23040 in GitHub Desktop allowed for 'carriage return smuggling' through crafted submodule URLs.

These vulnerabilities arise from differences between Git's strict protocol handling and the implementation of related projects. Git Credential Manager is vulnerable due to the StreamReader class, misinterpreting line-endings, while Git LFS is vulnerable by not checking for embedded control characters, allowing for the injection of carriage return line feeds via crafted HTTP URLs. A new configuration setting, `credential.protectProtocol`, has been introduced to help mitigate these vulnerabilities by providing a defense-in-depth approach.

Original img attribution: https://securityaffairs.com/wp-content/uploads/2023/01/git-logo.png
ImgSrc: securityaffairs.com
References:
  • Cyber Security News - Critical GitHub Flaw Allows Credential Leaks Through Malicious Repos - 2d
  • Security Archives - Security Affairs - Multiple Git flaws led to credentials compromise - 2d
  • The Hacker News - GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs - 2d
  • cyberpress.org - Critical GitHub Flaw Allows Credential Leaks Through Malicious Repos - 2d
  • ciso2ciso.com - Multiple Git flaws led to credentials compromise – Source: securityaffairs.com - 2d
  • ciso2ciso.com - Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a - 2d
  • CISO2CISO.COM & CYBER SECURITY GROUP - GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs – Source:thehackernews.com - 2d
  • Privacy Guides Community - Latest topics - GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs - 1d
  • @jos1264 - Multiple Git flaws led to credentials compromise – Source: securityaffairs.com - 1d
  • Dataconomy - Clone2Leak exposes credential risks in Git ecosystem - 1d
  • @BleepingComputer - A set of three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. - 1d
  • www.bleepingcomputer.com - News about Clone2Leak vulnerabilities in the Git ecosystem. - 1d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can provide me feedback using this form or using Bluesky.