Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server

by vwpolo3on 4/15/2020, 10:08:12 AM with 2 comments
  • by vwpolo3on 4/15/2020, 10:12:18 AM

    Without upgrade, this might be exploited through package managers able to fetch from Git URLs (so NPM, Go Modules, and others).

  • by lilyballon 4/15/2020, 9:28:56 PM

    Xcode 11.4.1 came out today and it appears to contain the fix for this.