GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
27 January 2025
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials.
"Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper," GMO Flatt Security researcher Ry0taK, who discovered the flaws