Git-Ecosystem Git-Credential-Manager vulnerabilities

CVE-2024-50338 [HIGH] CWE-200 CVE-2024-50338: Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, m Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts the use of the NUL (`\0`) character and newlines to form

CVE-2024-32478 [MEDIUM] CWE-732 CVE-2024-32478: Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package d Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system can replace binary and gain other users' privileges. This vulnerability is fixed in 2.5.0.