Simon Willison’s Weblog

12th October 2017

Exploding Git Repositories. Kate Murphy describes how git is vulnerable to a similar attack to the XML “billion laughs” recursive entity expansion attack—you can create a tiny git repository that acts as a “git bomb”, expanding 12 root objects to over a billion files using recursive blob references.

Posted 12th October 2017 at 7:43 pm

Recent articles

Two new Showboat tools: Chartroom and datasette-showboat - 17th February 2026
Deep Blue - 15th February 2026
The evolution of OpenAI's mission statement - 13th February 2026

This is a link post by Simon Willison, posted on 12th October 2017.

git 51 security 575

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe