Security researcher RyotaK of GMO Flatt Security Inc. has discovered multiple vulnerabilities in the Git credential retrieval protocol, potentially allowing threat actors to access user credentials. The flaws stem from improper handling of messages within the protocol.
In October 2024, while investigating GitHub’s Bug Bounty program, RyotaK shifted his focus to GitHub Desktop. He found a bug that enabled malicious repositories to leak user credentials and decided to explore other Git-related projects, revealing additional vulnerabilities.
The Git Credential Protocol, used by tools like git-credential-store and git-credential-osxkeychain, was found to have multiple flaws that caused credential leakage. One notable vulnerability in GitHub Desktop’s “trampoline” helper was exploited using a crafted URL with carriage return (%0d) characters. This manipulation led to credentials being associated with unintended hosts (e.g., github.com instead of localhost), resulting in potential leaks.
The improper handling of line terminators across Git credential helpers also contributed to these issues, as attackers could craft malicious URLs to inject sensitive information. This issue was tracked as CVE-2025-23040 and has been addressed by GitHub through a fix that blocks carriage return characters.
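The line-terminator mismatch described above, as an added Python example (not code from Git, GitHub Desktop or the researcher): one parser breaks lines only on LF, another also breaks on a bare CR, and a serializer refuses values that contain either. It assumes a key=value message terminated by a blank line; all function names and host values are constructed for illustration.

```python
FORBIDDEN = ("\r", "\n", "\0")  # characters that must never appear in a field


class UnsafeCredentialField(ValueError):
    """Raised when a key or value could split or truncate a protocol line."""


def serialize_credential(fields):
    """Build a key=value message, one LF-terminated line per field."""
    lines = []
    for key, value in fields.items():
        if not key or "=" in key or any(c in key for c in FORBIDDEN):
            raise UnsafeCredentialField(f"bad key: {key!r}")
        if any(c in value for c in FORBIDDEN):
            raise UnsafeCredentialField(f"control character in {key!r}")
        lines.append(f"{key}={value}\n")
    return "".join(lines) + "\n"  # blank line ends the message


def _parse(lines):
    fields = {}
    for line in lines:
        if not line:
            break  # blank line ends the message
        key, sep, value = line.partition("=")
        if sep:
            fields[key] = value  # a later duplicate key overwrites the earlier one
    return fields


def parse_lf_only(message):
    """Parser that treats only LF as a line terminator."""
    return _parse(message.split("\n"))


def parse_any_terminator(message):
    """Parser that also breaks on a bare CR (str.splitlines behaviour)."""
    return _parse(message.splitlines())


# Constructed sample: a host value carrying a bare carriage return,
# written to the wire without validation.
SAMPLE_HOST = "first.example.test\rhost=second.example.test"
RAW_MESSAGE = f"protocol=https\nhost={SAMPLE_HOST}\n\n"
```

The two parsers disagree on which host `RAW_MESSAGE` names, while `serialize_credential` raises before such a message is ever produced.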
Another vulnerability in the Git LFS protocol was reported as CVE-2024-53263, potentially allowing credential compromise via newline injection attacks.
While fixes were implemented for some vulnerabilities, others like GitHub CLI’s access token leakage (CVE-2024-53858) remain unresolved. This flaw allowed arbitrary hosts to receive access tokens, including malicious ones in GitHub Codespaces.
The researcher emphasized that text-based protocols are often targets of injection attacks, as even small architectural flaws can lead to significant security breaches. RyotaK hopes these findings will help improve Git’s security and welcomes further research into related projects.
Source: https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html