Vulnerability-Lookup

CVE-2025-31130 (GCVE-0-2025-31130)

Vulnerability from cvelistv5 – Published: 2025-04-04 14:41 – Updated: 2026-01-23 17:08

Title

gitoxide does not detect SHA-1 collision attacks

Summary

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE

CWE-328 - Use of Weak Hash

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/GitoxideLabs/gitoxide/security…	x_refsource_CONFIRM
https://github.com/GitoxideLabs/gitoxide/commit/f…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
GitoxideLabs	gitoxide	Affected: < 0.42.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-31130",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-04T14:51:46.167954Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-04T14:51:51.207Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gitoxide",
          "vendor": "GitoxideLabs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.42.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-328",
              "description": "CWE-328: Use of Weak Hash",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-23T17:08:57.443Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
        },
        {
          "name": "https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21"
        }
      ],
      "source": {
        "advisory": "GHSA-2frx-2596-x5r6",
        "discovery": "UNKNOWN"
      },
      "title": "gitoxide does not detect SHA-1 collision attacks"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-31130",
    "datePublished": "2025-04-04T14:41:56.355Z",
    "dateReserved": "2025-03-26T15:04:52.627Z",
    "dateUpdated": "2026-01-23T17:08:57.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-31130",
      "date": "2026-05-22",
      "epss": "0.00028",
      "percentile": "0.08223"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-31130\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-04-04T15:15:48.320\",\"lastModified\":\"2026-01-23T18:16:03.050\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0.\"},{\"lang\":\"es\",\"value\":\"Gitoxide es una implementaci\u00f3n de Git escrita en Rust. Antes de la versi\u00f3n 0.42.0, Gitoxide utilizaba implementaciones de hash SHA-1 sin detecci\u00f3n de colisiones, lo que lo hac\u00eda vulnerable a ataques de colisi\u00f3n de hash. Gitoxide utiliza la caja sha1_smol o sha1, que implementan SHA-1 est\u00e1ndar sin mitigaciones para ataques de colisi\u00f3n. Esto significa que dos objetos Git distintos con hashes SHA-1 en colisi\u00f3n interrumpir\u00edan el modelo de objetos Git y las comprobaciones de integridad al usarse con Gitoxide. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.42.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-328\"}]}],\"references\":[{\"url\":\"https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-31130\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-04T14:51:46.167954Z\"}}}], \"references\": [{\"url\": \"https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-04T14:51:41.104Z\"}}], \"cna\": {\"title\": \"gitoxide does not detect SHA-1 collision attacks\", \"source\": {\"advisory\": \"GHSA-2frx-2596-x5r6\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"GitoxideLabs\", \"product\": \"gitoxide\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.42.0\"}]}], \"references\": [{\"url\": \"https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6\", \"name\": \"https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21\", \"name\": \"https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-328\", \"description\": \"CWE-328: Use of Weak Hash\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-01-23T17:08:57.443Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-31130\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-23T17:08:57.443Z\", \"dateReserved\": \"2025-03-26T15:04:52.627Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-04-04T14:41:56.355Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2025-31130

Vulnerability from fkie_nvd - Published: 2025-04-04 15:15 - Updated: 2026-04-15 00:35

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21
	security-advisories@github.com	https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0."
    },
    {
      "lang": "es",
      "value": "Gitoxide es una implementaci\u00f3n de Git escrita en Rust. Antes de la versi\u00f3n 0.42.0, Gitoxide utilizaba implementaciones de hash SHA-1 sin detecci\u00f3n de colisiones, lo que lo hac\u00eda vulnerable a ataques de colisi\u00f3n de hash. Gitoxide utiliza la caja sha1_smol o sha1, que implementan SHA-1 est\u00e1ndar sin mitigaciones para ataques de colisi\u00f3n. Esto significa que dos objetos Git distintos con hashes SHA-1 en colisi\u00f3n interrumpir\u00edan el modelo de objetos Git y las comprobaciones de integridad al usarse con Gitoxide. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.42.0."
    }
  ],
  "id": "CVE-2025-31130",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-04T15:15:48.320",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-328"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GHSA-2FRX-2596-X5R6

Vulnerability from github – Published: 2025-04-04 16:06 – Updated: 2026-01-23 17:09

Summary

gitoxide does not detect SHA-1 collision attacks

Details

Summary

gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks.

Details

gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide.

The SHA-1 function is considered cryptographically insecure. However, in the wake of the SHAttered attacks, this issue was mitigated in Git 2.13.0 in 2017 by using the sha1collisiondetection algorithm by default and producing an error when known SHA-1 collisions are detected. Git is in the process of migrating to using SHA-256 for object hashes, but this has not been rolled out widely yet and gitoxide does not support SHA-256 object hashes.

PoC

The following program demonstrates the problem, using the two SHAttered PDFs:

use sha1_checked::{CollisionResult, Digest};

fn sha1_oid_of_file(filename: &str) -> gix::ObjectId {
    let mut hasher = gix::features::hash::hasher(gix::hash::Kind::Sha1);
    hasher.update(&std::fs::read(filename).unwrap());
    gix::ObjectId::Sha1(hasher.digest())
}

fn sha1dc_oid_of_file(filename: &str) -> Result<gix::ObjectId, String> {
    // Matches Git’s behaviour.
    let mut hasher = sha1_checked::Builder::default().safe_hash(false).build();
    hasher.update(&std::fs::read(filename).unwrap());
    match hasher.try_finalize() {
        CollisionResult::Ok(digest) => Ok(gix::ObjectId::Sha1(digest.into())),
        CollisionResult::Mitigated(_) => unreachable!(),
        CollisionResult::Collision(digest) => Err(format!(
            "Collision attack: {}",
            gix::ObjectId::Sha1(digest.into()).to_hex()
        )),
    }
}

fn main() {
    dbg!(sha1_oid_of_file("shattered-1.pdf"));
    dbg!(sha1_oid_of_file("shattered-2.pdf"));
    dbg!(sha1dc_oid_of_file("shattered-1.pdf"));
    dbg!(sha1dc_oid_of_file("shattered-2.pdf"));
}

The output is as follows:

[src/main.rs:24:5] sha1_oid_of_file("shattered-1.pdf") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)
[src/main.rs:25:5] sha1_oid_of_file("shattered-2.pdf") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)
[src/main.rs:26:5] sha1dc_oid_of_file("shattered-1.pdf") = Err(
    "Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a",
)
[src/main.rs:27:5] sha1dc_oid_of_file("shattered-2.pdf") = Err(
    "Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a",
)

The latter behaviour matches Git.

Since the SHAttered PDFs are not in a valid format for Git objects, a direct proof‐of‐concept using higher‐level APIs cannot be immediately demonstrated without significant computational resources.

Impact

An attacker with the ability to mount a collision attack on SHA-1 like the SHAttered or SHA-1 is a Shambles attacks could create two distinct Git objects with the same hash. This is becoming increasingly affordable for well‐resourced attackers, with the Shambles researchers in 2020 estimating $45k for a chosen‐prefix collision or $11k for a classical collision, and projecting less than $10k for a chosen‐prefix collision by 2025. The result could be used to disguise malicious repository contents, or potentially exploit assumptions in the logic of programs using gitoxide to cause further vulnerabilities.

This vulnerability affects any user of gitoxide, including gix-* library crates, that reads or writes Git objects.

Severity ?

6.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-features"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.41.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-commitgraph"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.27.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-index"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.39.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-object"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.48.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-odb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.68.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-pack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.58.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gitoxide"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.42.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gitoxide-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.46.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.71.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-archive"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.20.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-blame"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-config"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.44.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-diff"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.51.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-dir"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-discover"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.39.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-filter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-fsck"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-merge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-negotiate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.19.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-protocol"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.49.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-ref"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.51.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-revision"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.33.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-revwalk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.19.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-status"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-traverse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.45.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-worktree"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.40.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-worktree-state"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-31130"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-04T16:06:08Z",
    "nvd_published_at": "2025-04-04T15:15:48Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\ngitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks.\n\n### Details\ngitoxide uses the `sha1_smol` or `sha1` crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide.\n\nThe SHA-1 function is considered cryptographically insecure. However, in the wake of the SHAttered attacks, this issue was mitigated in Git 2.13.0 in 2017 by using the [sha1collisiondetection](https://github.com/crmarcstevens/sha1collisiondetection) algorithm by default and producing an error when known SHA-1 collisions are detected. Git is in the process of migrating to using SHA-256 for object hashes, but this has not been rolled out widely yet and gitoxide does not support SHA-256 object hashes.\n\n### PoC\nThe following program demonstrates the problem, using the two [SHAttered PDFs](https://shattered.io/):\n\n```rust\nuse sha1_checked::{CollisionResult, Digest};\n\nfn sha1_oid_of_file(filename: \u0026str) -\u003e gix::ObjectId {\n    let mut hasher = gix::features::hash::hasher(gix::hash::Kind::Sha1);\n    hasher.update(\u0026std::fs::read(filename).unwrap());\n    gix::ObjectId::Sha1(hasher.digest())\n}\n\nfn sha1dc_oid_of_file(filename: \u0026str) -\u003e Result\u003cgix::ObjectId, String\u003e {\n    // Matches Git\u2019s behaviour.\n    let mut hasher = sha1_checked::Builder::default().safe_hash(false).build();\n    hasher.update(\u0026std::fs::read(filename).unwrap());\n    match hasher.try_finalize() {\n        CollisionResult::Ok(digest) =\u003e Ok(gix::ObjectId::Sha1(digest.into())),\n        CollisionResult::Mitigated(_) =\u003e unreachable!(),\n        CollisionResult::Collision(digest) =\u003e Err(format!(\n            \"Collision attack: {}\",\n            gix::ObjectId::Sha1(digest.into()).to_hex()\n        )),\n    }\n}\n\nfn main() {\n    dbg!(sha1_oid_of_file(\"shattered-1.pdf\"));\n    dbg!(sha1_oid_of_file(\"shattered-2.pdf\"));\n    dbg!(sha1dc_oid_of_file(\"shattered-1.pdf\"));\n    dbg!(sha1dc_oid_of_file(\"shattered-2.pdf\"));\n}\n```\n\nThe output is as follows:\n\n```\n[src/main.rs:24:5] sha1_oid_of_file(\"shattered-1.pdf\") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)\n[src/main.rs:25:5] sha1_oid_of_file(\"shattered-2.pdf\") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)\n[src/main.rs:26:5] sha1dc_oid_of_file(\"shattered-1.pdf\") = Err(\n    \"Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a\",\n)\n[src/main.rs:27:5] sha1dc_oid_of_file(\"shattered-2.pdf\") = Err(\n    \"Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a\",\n)\n```\n\nThe latter behaviour matches Git.\n\nSince the SHAttered PDFs are not in a valid format for Git objects, a direct proof\u2010of\u2010concept using higher\u2010level APIs cannot be immediately demonstrated without significant computational resources.\n\n### Impact\nAn attacker with the ability to mount a collision attack on SHA-1 like the [SHAttered](https://shattered.io/) or [SHA-1 is a Shambles](https://sha-mbles.github.io/) attacks could create two distinct Git objects with the same hash. This is becoming increasingly affordable for well\u2010resourced attackers, with the Shambles researchers in 2020 estimating $45k for a chosen\u2010prefix collision or $11k for a classical collision, and projecting less than $10k for a chosen\u2010prefix collision by 2025. The result could be used to disguise malicious repository contents, or potentially exploit assumptions in the logic of programs using gitoxide to cause further vulnerabilities.\n\nThis vulnerability affects any user of gitoxide, including `gix-*` library crates, that reads or writes Git objects.",
  "id": "GHSA-2frx-2596-x5r6",
  "modified": "2026-01-23T17:09:14Z",
  "published": "2025-04-04T16:06:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31130"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GitoxideLabs/gitoxide/commit/f253f02a6658b3b7612a50d56c71f5ae4da4ca21"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/GitoxideLabs/gitoxide"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2025-0021.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "gitoxide does not detect SHA-1 collision attacks"
}

OPENSUSE-SU-2025:14994-1

Vulnerability from csaf_opensuse - Published: 2025-04-15 00:00 - Updated: 2025-04-15 00:00

Summary

gitoxide-0.42.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: gitoxide-0.42.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the gitoxide-0.42.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-14994

CVE-2025-22620

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-31130

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

10 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://www.suse.com/security/cve/CVE-2025-22620/	self
https://www.suse.com/security/cve/CVE-2025-31130/	self
https://www.suse.com/security/cve/CVE-2025-22620	external
https://bugzilla.suse.com/1236139	external
https://www.suse.com/security/cve/CVE-2025-31130	external
https://bugzilla.suse.com/1240872	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "gitoxide-0.42.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the gitoxide-0.42.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-14994",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14994-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2025:14994-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7J3ICQXX5X3DH3GBAB3YV3PB7REZNJ/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2025:14994-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7J3ICQXX5X3DH3GBAB3YV3PB7REZNJ/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22620 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22620/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-31130 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-31130/"
      }
    ],
    "title": "gitoxide-0.42.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-04-15T00:00:00Z",
      "generator": {
        "date": "2025-04-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:14994-1",
      "initial_release_date": "2025-04-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-04-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gitoxide-0.42.0-1.1.aarch64",
                "product": {
                  "name": "gitoxide-0.42.0-1.1.aarch64",
                  "product_id": "gitoxide-0.42.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gitoxide-0.42.0-1.1.ppc64le",
                "product": {
                  "name": "gitoxide-0.42.0-1.1.ppc64le",
                  "product_id": "gitoxide-0.42.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gitoxide-0.42.0-1.1.s390x",
                "product": {
                  "name": "gitoxide-0.42.0-1.1.s390x",
                  "product_id": "gitoxide-0.42.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gitoxide-0.42.0-1.1.x86_64",
                "product": {
                  "name": "gitoxide-0.42.0-1.1.x86_64",
                  "product_id": "gitoxide-0.42.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gitoxide-0.42.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64"
        },
        "product_reference": "gitoxide-0.42.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gitoxide-0.42.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le"
        },
        "product_reference": "gitoxide-0.42.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gitoxide-0.42.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x"
        },
        "product_reference": "gitoxide-0.42.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gitoxide-0.42.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64"
        },
        "product_reference": "gitoxide-0.42.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-22620",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22620"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22620",
          "url": "https://www.suse.com/security/cve/CVE-2025-22620"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236139 for CVE-2025-22620",
          "url": "https://bugzilla.suse.com/1236139"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-22620"
    },
    {
      "cve": "CVE-2025-31130",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-31130"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x",
          "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-31130",
          "url": "https://www.suse.com/security/cve/CVE-2025-31130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240872 for CVE-2025-31130",
          "url": "https://bugzilla.suse.com/1240872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.aarch64",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.ppc64le",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.s390x",
            "openSUSE Tumbleweed:gitoxide-0.42.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-31130"
    }
  ]
}

rustsec-2025-0021

Vulnerability from osv_rustsec

Published

2025-04-03 12:00

Modified

2025-04-08 07:10

Summary

SHA-1 collision attacks are not detected

Details

Summary

gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks.

Details

PoC

The following program demonstrates the problem, using the two SHAttered PDFs:

use sha1_checked::{CollisionResult, Digest};

fn sha1_oid_of_file(filename: &str) -> gix::ObjectId {
    let mut hasher = gix::features::hash::hasher(gix::hash::Kind::Sha1);
    hasher.update(&std::fs::read(filename).unwrap());
    gix::ObjectId::Sha1(hasher.digest())
}

fn sha1dc_oid_of_file(filename: &str) -> Result<gix::ObjectId, String> {
    // Matches Git’s behaviour.
    let mut hasher = sha1_checked::Builder::default().safe_hash(false).build();
    hasher.update(&std::fs::read(filename).unwrap());
    match hasher.try_finalize() {
        CollisionResult::Ok(digest) => Ok(gix::ObjectId::Sha1(digest.into())),
        CollisionResult::Mitigated(_) => unreachable!(),
        CollisionResult::Collision(digest) => Err(format!(
            "Collision attack: {}",
            gix::ObjectId::Sha1(digest.into()).to_hex()
        )),
    }
}

fn main() {
    dbg!(sha1_oid_of_file("shattered-1.pdf"));
    dbg!(sha1_oid_of_file("shattered-2.pdf"));
    dbg!(sha1dc_oid_of_file("shattered-1.pdf"));
    dbg!(sha1dc_oid_of_file("shattered-2.pdf"));
}

The output is as follows:

[src/main.rs:24:5] sha1_oid_of_file("shattered-1.pdf") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)
[src/main.rs:25:5] sha1_oid_of_file("shattered-2.pdf") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)
[src/main.rs:26:5] sha1dc_oid_of_file("shattered-1.pdf") = Err(
    "Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a",
)
[src/main.rs:27:5] sha1dc_oid_of_file("shattered-2.pdf") = Err(
    "Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a",
)

The latter behaviour matches Git.

Impact

This vulnerability affects any user of gitoxide, including gix-* library crates, that reads or writes Git objects.

Severity

6.8 (Medium)


                    
                      CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

References

URL

Type

	https://crates.io/crates/gix-features	PACKAGE
	https://rustsec.org/advisories/RUSTSEC-2025-0021.html	ADVISORY
	https://github.com/GitoxideLabs/gitoxide/security…	ADVISORY
	https://github.com/advisories/GHSA-2frx-2596-x5r6	ADVISORY
	https://nvd.nist.gov/vuln/detail/CVE-2025-31130	WEB

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "categories": [
          "crypto-failure"
        ],
        "cvss": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
        "informational": null
      },
      "ecosystem_specific": {
        "affected_functions": null,
        "affects": {
          "arch": [],
          "functions": [
            "gix_features::hash::Hasher::digest",
            "gix_features::hash::Hasher::update",
            "gix_features::hash::Write::flush",
            "gix_features::hash::Write::new",
            "gix_features::hash::Write::write",
            "gix_features::hash::bytes",
            "gix_features::hash::bytes_of_file",
            "gix_features::hash::bytes_with_hasher",
            "gix_features::hash::hasher"
          ],
          "os": []
        }
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "gix-features",
        "purl": "pkg:cargo/gix-features"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0-0"
            },
            {
              "fixed": "0.41.0"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "versions": []
    }
  ],
  "aliases": [
    "CVE-2025-31130",
    "GHSA-2frx-2596-x5r6"
  ],
  "database_specific": {
    "license": "CC0-1.0"
  },
  "details": "### Summary\ngitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks.\n\n### Details\ngitoxide uses the `sha1_smol` or `sha1` crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide.\n\nThe SHA-1 function is considered cryptographically insecure. However, in the wake of the SHAttered attacks, this issue was mitigated in Git 2.13.0 in 2017 by using the [sha1collisiondetection](https://github.com/crmarcstevens/sha1collisiondetection) algorithm by default and producing an error when known SHA-1 collisions are detected. Git is in the process of migrating to using SHA-256 for object hashes, but this has not been rolled out widely yet and gitoxide does not support SHA-256 object hashes.\n\n### PoC\nThe following program demonstrates the problem, using the two [SHAttered PDFs](https://shattered.io/):\n\n```rust\nuse sha1_checked::{CollisionResult, Digest};\n\nfn sha1_oid_of_file(filename: \u0026str) -\u003e gix::ObjectId {\n    let mut hasher = gix::features::hash::hasher(gix::hash::Kind::Sha1);\n    hasher.update(\u0026std::fs::read(filename).unwrap());\n    gix::ObjectId::Sha1(hasher.digest())\n}\n\nfn sha1dc_oid_of_file(filename: \u0026str) -\u003e Result\u003cgix::ObjectId, String\u003e {\n    // Matches Git\u2019s behaviour.\n    let mut hasher = sha1_checked::Builder::default().safe_hash(false).build();\n    hasher.update(\u0026std::fs::read(filename).unwrap());\n    match hasher.try_finalize() {\n        CollisionResult::Ok(digest) =\u003e Ok(gix::ObjectId::Sha1(digest.into())),\n        CollisionResult::Mitigated(_) =\u003e unreachable!(),\n        CollisionResult::Collision(digest) =\u003e Err(format!(\n            \"Collision attack: {}\",\n            gix::ObjectId::Sha1(digest.into()).to_hex()\n        )),\n    }\n}\n\nfn main() {\n    dbg!(sha1_oid_of_file(\"shattered-1.pdf\"));\n    dbg!(sha1_oid_of_file(\"shattered-2.pdf\"));\n    dbg!(sha1dc_oid_of_file(\"shattered-1.pdf\"));\n    dbg!(sha1dc_oid_of_file(\"shattered-2.pdf\"));\n}\n```\n\nThe output is as follows:\n\n```\n[src/main.rs:24:5] sha1_oid_of_file(\"shattered-1.pdf\") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)\n[src/main.rs:25:5] sha1_oid_of_file(\"shattered-2.pdf\") = Sha1(38762cf7f55934b34d179ae6a4c80cadccbb7f0a)\n[src/main.rs:26:5] sha1dc_oid_of_file(\"shattered-1.pdf\") = Err(\n    \"Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a\",\n)\n[src/main.rs:27:5] sha1dc_oid_of_file(\"shattered-2.pdf\") = Err(\n    \"Collision attack: 38762cf7f55934b34d179ae6a4c80cadccbb7f0a\",\n)\n```\n\nThe latter behaviour matches Git.\n\nSince the SHAttered PDFs are not in a valid format for Git objects, a direct proof\u2010of\u2010concept using higher\u2010level APIs cannot be immediately demonstrated without significant computational resources.\n\n### Impact\nAn attacker with the ability to mount a collision attack on SHA-1 like the [SHAttered](https://shattered.io/) or [SHA-1 is a Shambles](https://sha-mbles.github.io/) attacks could create two distinct Git objects with the same hash. This is becoming increasingly affordable for well\u2010resourced attackers, with the Shambles researchers in 2020 estimating $45k for a chosen\u2010prefix collision or $11k for a classical collision, and projecting less than $10k for a chosen\u2010prefix collision by 2025. The result could be used to disguise malicious repository contents, or potentially exploit assumptions in the logic of programs using gitoxide to cause further vulnerabilities.\n\nThis vulnerability affects any user of gitoxide, including `gix-*` library crates, that reads or writes Git objects.",
  "id": "RUSTSEC-2025-0021",
  "modified": "2025-04-08T07:10:04Z",
  "published": "2025-04-03T12:00:00Z",
  "references": [
    {
      "type": "PACKAGE",
      "url": "https://crates.io/crates/gix-features"
    },
    {
      "type": "ADVISORY",
      "url": "https://rustsec.org/advisories/RUSTSEC-2025-0021.html"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-2frx-2596-x5r6"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31130"
    }
  ],
  "related": [],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SHA-1 collision attacks are not detected"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-31130 (GCVE-0-2025-31130)

FKIE_CVE-2025-31130

GHSA-2FRX-2596-X5R6

Summary

Details

PoC

Impact

OPENSUSE-SU-2025:14994-1

rustsec-2025-0021

Vulnerability from osv_rustsec

Summary

Details

PoC

Impact

Tags

Sightings

Nomenclature