"Experts Discovered Millions of .Git Folders Exposed to Public"

According to the Cybernews research team, nearly two million .git folders containing critical project information are publicly accessible. Git is the most widely used open-source Version Control System (VCS). A .git folder contains project-specific information such as remote repository addresses, commit history logs, and other critical metadata. Leaving this data open to the public can result in breaches and system exposure. Another recent Cybernews investigation discovered that CarbonTV, a US-based streaming service, left a server with its source code open. The source code was leaking due to a lack of access control to the .git folder. Researchers at Cybernews found that the most common web service ports, 80 and 443, revealed 1,931,148 IP addresses with live servers, which had .git folder structure accessible to the public. More than 31 percent of the publicly exposed .git folders are in the US, followed by China (8 percent) and Germany (6.5 percent). This article continues to discuss the exposure of millions of .git folders.

Security Affairs reports "Experts Discovered Millions of .Git Folders Exposed to Public"