Filenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with such filenames.
Git was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.
Samba client code (libsmbclient) returns server-supplied filenames to calling code without checking for pathname separators (such as "/" or"../") in the server returned names. A malicious server can craft a pathname containing separators and return this to client code, causing the client to use this access local pathnames for reading or writing instead of SMB network pathnames. This access is done using the local privileges of the client. This attack can be achieved using any of SMB1/2/3 as it is not reliant on any specific SMB protocol version.