{"vulnerability": "CVE-2024-53263", "sightings": [{"uuid": "d8ce379c-6b5c-49ef-af74-4c2e45436b9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://github.blog/open-source/git/git-security-vulnerabilities-announced-5/", "content": "", "creation_timestamp": "2025-01-14T17:04:36.000000Z"}, {"uuid": "430ca422-dde1-4198-bce3-2a1a4e7600b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2x5e4kp2f", "content": "", "creation_timestamp": "2025-01-14T20:15:51.765659Z"}, {"uuid": "9d25febb-0003-4fa5-ba79-d5f45441f9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lgsvanwiok2v", "content": "", "creation_timestamp": "2025-01-28T16:37:00.514712Z"}, {"uuid": "1444b14e-b3e3-4c19-9468-13e2063caf7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://bsky.app/profile/catra.top/post/3likm72m3o223", "content": "", "creation_timestamp": "2025-02-19T20:24:23.340067Z"}, {"uuid": "5ab69017-9fe5-4cad-a109-e504f41d49dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://t.me/cvedetector/15368", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53263 - Git LFS Remote Code Execution via CRLF Injection\", \n  \"Content\": \"CVE ID : CVE-2024-53263 \nPublished : Jan. 
14, 2025, 8:15 p.m. | 37\u00a0minutes ago \nDescription : Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. There are no workarounds known at this time. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T22:23:01.000000Z"}, {"uuid": "23fed609-76cf-4787-98bb-d16f3f47f074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"}, {"uuid": "2ab0c640-a678-4a3a-bf4b-d1f0d3773a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mddymicpvb42", "content": "", "creation_timestamp": "2026-01-26T19:38:04.090342Z"}, {"uuid": "082d58b0-0e38-4d1f-8302-e23cfe27eeba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": 
"published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1767", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53263\n\ud83d\udd39 Description: Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. There are no workarounds known at this time.\n\ud83d\udccf Published: 2025-01-14T19:33:21.876Z\n\ud83d\udccf Modified: 2025-01-15T14:55:48.695Z\n\ud83d\udd17 References:\n1. https://github.com/git-lfs/git-lfs/security/advisories/GHSA-q6r2-x2cc-vrp7\n2. https://github.com/git-lfs/git-lfs/commit/0345b6f816e611d050c0df67b61f0022916a1c90\n3. 
https://github.com/git-lfs/git-lfs/releases/tag/v3.6.1", "creation_timestamp": "2025-01-15T15:10:43.000000Z"}, {"uuid": "1679c39e-10c1-41cb-a342-44a9bccacf0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "Telegram/2jkVbon0AKvDKm9vj_F7rnMeTxCzgQeChMbLUtudeUZLIg", "content": "", "creation_timestamp": "2025-01-28T11:57:13.000000Z"}, {"uuid": "0f5d519c-86cf-47b7-be09-d462e695cbe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53263", "type": "seen", "source": "https://t.me/thehackernews/6235", "content": "\ud83d\udea8 Alert \u2014 GitHub Desktop & GitHub projects have critical vulnerabilities that can expose your credentials to attackers.\n\n\ud83d\udd11 CVE-2024-53263 \u2013 Git LFS leaks credentials via crafted URLs.\n\u26a1 CVE-2024-50338 \u2013 GitHub CLI sends tokens to attacker-controlled hosts.\n\nAttackers can use this to gain unauthorized access to your private repositories.\n\n\ud83d\udd17 Read full details: https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html", "creation_timestamp": "2025-01-27T15:21:54.000000Z"}]}