Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user’s Git credentials.
« Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper, » GMO Flatt Security researcher Ry0taK, who discovered the flaws
