2026-03-10 20:34:32
GitHub_M
PUBLISHED
Git for Windows is the Windows port of Git. Prior to 2.53.0(2), it is possible to obtain a users NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the users account name and password. This vulnerability is fixed in 2.53.0(2).