April 14, 2022 at 01:53PM

■■□□□ CVE-2022-24765: This vulnerability affects users working on multi-user machines where a malicious actor could create a .git directory in a shared location above a victim’s current working directory. On Windows, for example, an attacker could create C:\.git\config, which would cause all git invocations that occur outside of a repository to read its configured values.

https://github.blog/2022-04-12-git-security-vulnerability-announced/

https://t.me/cKure/11196