GitHub Vulnerability Exposes Credentials to Malicious Remote URLs and Repositories

These vulnerabilities are primarily related to improper handling of authentication requests by credential helpers, which are designed to store and retrieve credentials securely.

Identified Vulnerabilities

1. CVE-2025-23040: This vulnerability allows maliciously crafted remote URLs to lead to credential leaks in GitHub Desktop. It has a CVSS score of 6.6. The issue arises from how the credential helper misinterprets carriage return characters in URLs, which can trick it into sending credentials to an attacker-controlled server instead of the intended host. More information can be found at CVE-2025-23040.
2. CVE-2024-50338: This vulnerability affects the Git Credential Manager and has a CVSS score of 7.4. It exploits carriage-return characters in remote URLs, allowing malicious repositories to leak credentials. Further details can be accessed at CVE-2024-50338.
3. CVE-2024-53263: Found in Git LFS, this vulnerability permits retrieval of credentials via crafted HTTP URLs, receiving a CVSS score of 8.5. The vulnerability lies in how Git LFS processes URLs specified in .lfsconfig files. Read more at CVE-2024-53263.
4. CVE-2024-53858: This vulnerability impacts the GitHub CLI, which can leak authentication tokens when cloning repositories that contain malicious submodules. It has a CVSS score of 6.5 and can be reviewed at CVE-2024-53858.

Exploitation Mechanism

The vulnerabilities are exploited through a method dubbed "Clone2Leak," which enables attackers to manipulate how Git and its credential helpers handle authentication requests. This manipulation can lead to the exfiltration of user credentials. The attack vectors include:

• Carriage Return Smuggling: By injecting carriage return characters into crafted URLs, attackers can cause the credential helper to misinterpret the intended host.
• Newline Injection: Malicious URLs can bypass Git's security checks to alter credential requests, allowing attackers to receive GitHub credentials.
• Logic Flaws in Credential Retrieval: Overly permissive credential helpers, particularly in GitHub CLI and Codespaces, expose access tokens to unintended hosts.

Recommended Actions

Users are strongly advised to upgrade to the latest versions of affected tools to mitigate these vulnerabilities. Recommended versions include:

• GitHub Desktop: 3.4.12 or newer
• Git Credential Manager: 2.6.1 or newer
• Git LFS: 3.6.1 or later
• GitHub CLI: 2.63.0 or later

Additionally, users should consider enabling Git's credential.protectProtocol feature to reject URLs with carriage return characters, enhancing protection against credential smuggling attacks. For further reading, consult the GitHub advisory on credential helper.

Security Context

The vulnerabilities underscore the critical nature of validating input in text-based protocols, especially when dealing with sensitive credentials. Misalignments between protocol specifications and implementation details can lead to significant security breaches. Developers are encouraged to maintain strict compliance with protocol rules and to introduce validation layers to prevent these types of injection attacks. For detailed insights on the research findings, refer to RyotaK of GMO Flatt Security.