X41 released an audit of Git. There are some serious issues. Example: a critical out-of-bounds heap issue was identified that can be triggered via a git clone or git pull from a remote repository located on untrustworthy infrastructure.
IMHO: A lot of issues come from C and its way of managing memory.
X41: Security Audit of Git