Friday, June 13, 2025

GitHub Vulnerability Exposes User Credentials via Malicious Repositories


A cybersecurity researcher recently disclosed several critical vulnerabilities affecting Git-related projects, revealing how improper handling of credential protocols can lead to sensitive data leaks.

From GitHub Desktop to Git Credential Manager and Git LFS, these issues were uncovered during a routine bug-hunting session for the GitHub Bug Bounty program, resulting in the assignment of multiple CVEs.

Improper Parsing in GitHub Desktop Enables Credential Leakage (CVE-2025-23040)

A flaw in GitHub Desktop’s handling of the Git Credential Protocol was identified as a potential vector for credential exposure.


The issue stems from how the tool’s credential helper, called “trampoline,” parses user input.

Within the parseCredential function, an improper regular expression implementation led to the mishandling of carriage return characters (\r).

Since Git Credential Protocol primarily relies on newline characters (\n) to delineate properties, the inclusion of carriage return characters enables “carriage return smuggling.”

This allows attackers hosting malicious repositories to craft URLs like http://%0dprotocol=https%0dhost=github.com%0d@localhost, tricking the system into misinterpreting github.com as the target host.

Git Credential Manager Vulnerability via StreamReader Misuse (CVE-2024-50338)

Another critical issue was identified in Git Credential Manager, a cross-platform credential helper for Git built on .NET.

The vulnerability arises due to improper use of the StreamReader class, which processes input using multiple line terminators—\n, \r, and \r\n.

As a result, attackers can craft malicious URLs containing carriage return characters to manipulate how credentials are handled.

When Git Credential Manager receives such manipulated input, it may send credentials meant for legitimate hosts (e.g., github.com) to attacker-controlled endpoints, effectively exposing sensitive user data.

The researcher also discovered a vulnerability in Git LFS (Large File Storage). Unlike Git itself, which strictly validates credential values to prevent newline injection, Git LFS fails to sanitize its input.

According to Flatt Security, by embedding a newline character in the .lfsconfig file, attackers can bypass validation safeguards and manipulate credential protocols, potentially leaking credentials.

For example, a crafted URL in .lfsconfig could trigger Git LFS to send the following malformed message to a credential helper:

protocol=http
host=localhost
username=
host=github.com
protocol=https

In such cases, the credential helper would interpret the last host and protocol fields as authoritative, inadvertently exposing github.com credentials to an unauthorized host.
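To make the failure mode shared by the three helpers above concrete, the following is an added example (my own code, not from GitHub Desktop, Git Credential Manager, Git LFS or the researcher). It builds the credential-helper request an unsanitizing client would write for the article's smuggled URL, then parses that request once with a lenient reader that honours \r as a line terminator (the StreamReader-style behaviour described above) and once with a strict reader that splits on \n only and rejects control characters; the function names are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, unquote

# The crafted URL quoted in the article: %0d is a percent-encoded carriage return.
SMUGGLED_URL = "http://%0dprotocol=https%0dhost=github.com%0d@localhost"

# One key=value line; values may not contain control characters (\r, \n, ...).
LINE_RE = re.compile(r"^([a-z][a-z0-9_]*)=([^\x00-\x1f\x7f]*)$")


def credential_request(url: str) -> str:
    """Return the text an unsanitizing client would write to a credential
    helper for `url` (protocol, host, username), ending with a blank line."""
    parts = urlsplit(url)
    fields = [("protocol", parts.scheme), ("host", parts.hostname or "")]
    if parts.username is not None:
        fields.append(("username", unquote(parts.username)))
    return "".join(f"{k}={v}\n" for k, v in fields) + "\n"


def parse_lenient(text: str) -> dict:
    """Mimic a reader that accepts \\n, \\r and \\r\\n as line terminators
    (as .NET StreamReader.ReadLine does); the last value for a key wins."""
    creds = {}
    for line in text.splitlines():
        if line == "":
            break  # blank line ends the request
        key, _, value = line.partition("=")
        creds[key] = value
    return creds


def parse_strict(text: str) -> dict:
    """Split on \\n only and reject any line with a control character,
    so a smuggled \\r can never start a new property."""
    creds = {}
    for line in text.split("\n"):
        if line == "":
            break
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"malformed credential line: {line!r}")
        creds[m.group(1)] = m.group(2)
    return creds
```

With the lenient reader the request for the smuggled URL resolves to host github.com; the strict reader raises on the very line that carries the carriage return.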

Separate vulnerabilities were found in GitHub CLI and Codespaces. In GitHub CLI, faulty logic in the tokenForHost function caused tokens to be sent to unauthorized hosts under specific conditions.

The issue primarily affected enterprise environments and GitHub Codespaces, where the CODESPACES environment variable is universally set to true.

A malicious repository cloned on Codespaces could exploit this to exfiltrate access tokens.

Similarly, a basic credential helper script in Codespaces exposed tokens because it failed to validate the requested host.

Subsequent patches introduced domain validation to ensure credentials are only sent to trusted endpoints.

These vulnerabilities highlight how even minor architectural oversights in text-based protocols can lead to severe security breaches.

Credential leakage, particularly in widely used tools like GitHub Desktop, Git Credential Manager, and Git LFS, underscores the importance of rigorous input validation and adherence to secure coding practices.

While patches have been deployed to address these issues, the findings serve as a cautionary tale for the broader open-source community.


Aman Mishra
Aman Mishra is a security and privacy reporter covering data breaches, cyber crime, malware, and vulnerabilities.
