CVE-2024-50338
CVSS 3.1 Score 7.4 of 10 (high)
Details
Summary
CVE-2024-50338 is a vulnerability affecting Git Credential Manager (GCM), a secure Git credential helper built on .NET. The issue stems from a mismatch between how Git and GCM handle newline characters in the credential protocol. Git only accepts LF as a newline character, while GCM treats both LF and CR as valid newline characters. Because of this discrepancy, an attacker can craft a malicious remote URL that captures credentials for another Git remote when users clone or interact with a malicious repository, especially when using the `--recursive` option with submodules. The vulnerability has been patched in version 2.6.1, and all users are advised to upgrade. Until then, users should interact only with trusted remote repositories and avoid cloning with `--recursive`, so that submodule URLs can be inspected before the submodules are cloned.
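The newline mismatch and the submodule URL inspection described above, as an added example that is not code from Git or GCM. The function names, the sample data, and the assumption that a CR would appear in a URL either raw or percent-encoded as `%0D` are illustrative.

```python
import re
from urllib.parse import unquote

# Constructed samples, not taken from a real repository or from the advisory.
SAMPLE_STREAM = "protocol=https\nhost=git.example\npath=repo\rnote=x\n"
SAMPLE_GITMODULES = (
    '[submodule "libs/ok"]\n'
    "\tpath = libs/ok\n"
    "\turl = https://git.example/ok.git\n"
    '[submodule "libs/odd"]\n'
    "\tpath = libs/odd\n"
    "\turl = https://git.example/odd%0Dx.git\n"
)

def parse_attrs(stream, newline_pattern):
    """Parse key=value credential-protocol attributes, splitting on the given newline pattern."""
    lines = re.split(newline_pattern, stream)
    return dict(line.split("=", 1) for line in lines if "=" in line)

def parsers_disagree(stream):
    """True when an LF-only reader and a CR-or-LF reader see different attributes."""
    return parse_attrs(stream, r"\n") != parse_attrs(stream, r"[\r\n]")

def suspicious_submodule_urls(gitmodules_text):
    """Return (submodule, url) pairs whose URL holds a raw or percent-encoded CR or LF."""
    findings, name = [], None
    for raw in gitmodules_text.split("\n"):
        # Tolerate CRLF-terminated files; an interior CR stays in the line.
        line = raw[:-1] if raw.endswith("\r") else raw
        header = re.match(r'[ \t]*\[submodule "(.+)"\]', line)
        if header:
            name = header.group(1)
            continue
        url = re.match(r"[ \t]*url[ \t]*=[ \t]*(.*)$", line)
        if url and re.search(r"[\r\n]", unquote(url.group(1))):
            findings.append((name, url.group(1)))
    return findings

if __name__ == "__main__":
    print("LF only :", parse_attrs(SAMPLE_STREAM, r"\n"))
    print("CR or LF:", parse_attrs(SAMPLE_STREAM, r"[\r\n]"))
    print("flagged :", suspicious_submodule_urls(SAMPLE_GITMODULES))
```

Run the URL check on `.gitmodules` after a non-recursive clone and before initializing submodules; it does not catch double-encoded values.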