Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential information for a wrong host.
Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential information for a wrong host.
https://git.kernel.org/pub/scm/git/git.git/commit/?id=9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b https://git.kernel.org/pub/scm/git/git.git/commit/?id=c716fe4bd917e013bf376a678b3a924447777b2d https://git.kernel.org/pub/scm/git/git.git/commit/?id=07259e74ec1237c836874342c65650bdee8a3993 https://bugs.chromium.org/p/project-zero/issues/detail?id=2021