The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute commands on a vulnerable machine. […]

from https://www.bleepingcomputer.com/news/security/git-project-patches-remote-code-execution-vulnerability-in-git/