CVE-2025-23040— GitHub Desktop 安全漏洞

Maliciously crafted remote URLs could lead to credential leak in GitHub Desktop

GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop relies on Git to perform all network related operations (such as cloning, fetching, and pushing). When a user attempts to clone a repository GitHub Desktop will invoke `git clone` and when Git encounters a remote which requires authentication it will request the credentials for that remote host from GitHub Desktop using the git-credential protocol. Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github Desktop such that it will send credentials for a different host than the host that Git is currently communicating with thereby allowing for secret exfiltration. GitHub username and OAuth token, or credentials for other Git remote hosts stored in GitHub Desktop could be improperly transmitted to an unrelated host. Users should update to GitHub Desktop 3.4.12 or greater which fixes this vulnerability. Users who suspect they may be affected should revoke any relevant credentials.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

不充分的凭证保护机制

GitHub Desktop 安全漏洞

GitHub Desktop是GitHub Desktop开源的一个 GitHub 桌面版。 GitHub Desktop 3.4.12之前版本存在安全漏洞，该漏洞源于攻击者诱使用户直接或通过子模块克隆存储库，可允许攻击者通过使用恶意制作的远程URL访问用户的凭据。

N/A

N/A