
Critical security vulnerabilities in popular Git-related tools could allow attackers to steal user credentials, according to research published by GMO Flatt Security engineer RyotaK.
The researcher showed how malicious repositories could exploit these vulnerabilities to compromise Git credentials across multiple platforms.
The research identified significant vulnerabilities in several major Git tools:
- CVE-2025-23040 (CVSS score: 6.6) - Maliciously crafted remote URLs could lead to credential leaks in GitHub Desktop
- CVE-2024-50338 (CVSS score: 7.4) - A carriage-return character in a remote URL allows a malicious repository to leak credentials from Git Credential Manager
- CVE-2024-53263 (CVSS score: 8.5) - Git LFS permits retrieval of credentials via crafted HTTP URLs
- CVE-2024-53858 (CVSS score: 6.5) - Recursive repository cloning in GitHub CLI can leak authentication tokens to non-GitHub submodule hosts
These flaws stemmed from improper handling of the Git Credential Protocol, which is used to retrieve credentials from credential helpers.
A regular expression vulnerability in GitHub Desktop allowed attackers to exploit carriage return characters to redirect credentials to malicious servers. Similarly, Git Credential Manager's use of .NET's StreamReader class made it susceptible to credential leakage through carriage return manipulation.
The research also uncovered a notable vulnerability in GitHub CLI (CVE-2024-53858) that could leak access tokens to arbitrary hosts, particularly impacting users of GitHub Codespaces. The flaw allowed malicious repositories to capture authentication tokens when cloned within Codespaces environments.
"While both enterprise-related variables are not common, the CODESPACES environment variable is always set to true when running on GitHub Codespaces," Ry0taK said. "So, cloning a malicious repository on GitHub Codespaces using GitHub CLI will always leak the access token to the attacker's hosts."
In response to these findings, Git implemented a defense-in-depth mitigation (CVE-2024-52006) that rejects URLs containing carriage return characters by default through the credential.protectProtocol configuration option.
GitHub has also updated its Codespaces credential helper to validate requested hosts before providing credentials. These vulnerabilities could affect any developers and organizations using the affected Git tools for source code management.
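To make the two mitigation layers concrete, the following Python is an added example (not code from the article, from Git, or from any of the tools it names). It models the key=value request that git writes to a credential helper over the Git Credential Protocol, contrasts a lenient line reader (one that treats CR, LF and CRLF alike as line terminators, the behaviour the article attributes to .NET's StreamReader) with a strict reader that refuses control characters the way Git's carriage-return rejection does, and adds the host allow-list check that the Codespaces helper fix described above applies before answering. The sample requests, the host names and the function names are all constructed for illustration; `evil.invalid` is a placeholder.

```python
"""Added example, not code from the article or from any tool it names.
Models a Git Credential Protocol request and shows why the line terminator
a helper uses matters, plus a helper-side host allow-list check.
All sample requests are constructed; evil.invalid is a placeholder host."""

import re


class ProtocolError(ValueError):
    """Raised when a credential request line is malformed or unsafe."""


def parse_lenient(request: str) -> dict:
    """Split on \\r, \\n or \\r\\n, as a reader that treats every line-ending
    style alike would. A CR smuggled into a value silently begins a new
    key=value line, so a later host= line can override the real host."""
    fields = {}
    for line in re.split(r"\r\n|\r|\n", request):
        if not line:
            continue
        key, sep, value = line.partition("=")
        if sep:
            fields[key] = value  # last occurrence wins
    return fields


def parse_strict(request: str) -> dict:
    """Treat only \\n as the line terminator and refuse any control character
    (including \\r) inside a line, so no value can be split by a consumer."""
    fields = {}
    for line in request.split("\n"):
        if not line:
            continue
        if any(ord(ch) < 0x20 or ch == "\x7f" for ch in line):
            raise ProtocolError(f"control character in credential request: {line!r}")
        key, sep, value = line.partition("=")
        if not sep or not key:
            raise ProtocolError(f"malformed credential line: {line!r}")
        fields[key] = value
    return fields


def should_answer(fields: dict, allowed_hosts: frozenset) -> bool:
    """Helper-side policy check: only hand out a credential when the request
    is for HTTPS and the host is one the helper is configured to serve."""
    return fields.get("protocol") == "https" and fields.get("host") in allowed_hosts


# Constructed sample requests (hypothetical; not captured from real tools).
CLEAN_REQUEST = "protocol=https\nhost=git.example.com\npath=org/repo.git\n"
CR_REQUEST = "protocol=https\nhost=git.example.com\rhost=evil.invalid\npath=org/repo.git\n"
ALLOWED = frozenset({"git.example.com"})


def demo() -> dict:
    """Run both parsers over both requests and record which host each would
    answer for. The strict parser never reaches the policy check for the
    CR-carrying request because it raises first."""
    report = {}
    for name, req in (("clean", CLEAN_REQUEST), ("cr", CR_REQUEST)):
        lenient = parse_lenient(req)
        report[f"{name}_lenient_host"] = lenient.get("host")
        report[f"{name}_lenient_served"] = should_answer(lenient, ALLOWED)
        try:
            strict = parse_strict(req)
            report[f"{name}_strict_host"] = strict.get("host")
            report[f"{name}_strict_served"] = should_answer(strict, ALLOWED)
        except ProtocolError as exc:
            report[f"{name}_strict_host"] = None
            report[f"{name}_strict_served"] = False
            report[f"{name}_strict_error"] = str(exc)
    return report


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` shows the two layers independently: the lenient reader resolves the CR-carrying request to `evil.invalid`, but the allow-list check still refuses to serve it, while the strict reader rejects the request outright before any policy decision is made. Git's `credential.protectProtocol` option, mentioned above, applies the same control-character rejection on the git side before a helper is ever invoked.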
Successful exploitation of the aforementioned flaws could lead to a malicious third-party using the leaked authentication tokens to access privileged resources. RyotaK's research has prompted security improvements across the Git ecosystem, with affected platforms implementing fixes to prevent credential leakage.