Install CommandLineTools below macOS Sequoia installs the VULNERABLE version of Git, 2.39.3 while macOS Sequoia installs a non-vulnerable version 2.39.5. How to get the non vulnerable version installed on macOS Sonoma?
CVE-2024-32002 - Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/
directory.