2.1

CVSS4.0

CVE-2024-52006 - Newline confusion in credential helpers can lead to credential exfiltration in git

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most…

📅 Published: Jan. 14, 2025, 6:39 p.m. 🔄 Last Modified: Dec. 18, 2025, 4:10 p.m.

5.4

CVSS3.1

CVE-2025-23072 - XSS in Special:RefreshSpecial

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - RefreshSpecial Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - RefreshSpecial Extension: from 1.39.X before 1.39.11, from 1.41.X b…

📅 Published: Jan. 14, 2025, 6:29 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

7.4

CVSS3.1

CVE-2024-50338 - Carriage-return character in remote URL allows malicious repository to leak credentials in Git Cred…

Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts th…

📅 Published: Jan. 14, 2025, 6:11 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1