A remote code exeecution vulnerability was recently discovered in Git LFS:
Vulnerable git clients that clone a malicious repository are vulnerable to remote code execution.
Please determine if Bamboo is vulnerable. If it is definitively determined not to be affected, please close this as a false positive. If it is vulnerable, please work on remediating the issue.