Unknown · Git Credential Manager · CVE-2024-32478
**Name of the Vulnerable Software and Affected Versions**
Git Credential Manager (GCM) versions prior to 2.5.0
**Description**
The issue arises from the Debian package of Git Credential Manager (GCM) not setting root ownership on installed files prior to version 2.5.0. This allows a user on a multi-user system to replace the binary and gain privileges of other users.
**Recommendations**
For versions prior to 2.5.0, update to version 2.5.0 to resolve the issue. As a temporary workaround, consider setting root ownership on installed files manually until the update can be applied.