Git case-sensitivity bug enabling malicious .git/config injection on Windows/Mac — can execute arbitrary code on clone/fetch. Update Git to 2.2.1+. Validate all git repositories cloned on case-insensitive filesystems in your environment.
Git and Mercurial allow remote code execution via crafted repositories that contain .git/config files with malicious values, affecting Windows and OS X clients.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →