Git's credential helper did not properly handle authentication messages, leading to credential leakage, experts warn.

"Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github ...

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.