Bugzilla – Bug 1196162
VUL-0: CVE-2022-24975: git: The --mirror option leaks secret for deleted content, aka the "GitBleed"
Last modified: 2022-02-18 14:16:43 UTC
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option.
This requires user education and can be fixed by administrators responsible for individual repositories.
nothing that can be done, closing as won't fix