CVE-2025-31130 — Vulnetix

CVE-2025-31130 PUBLISHED CVSS 6.800000190734863 MEDIUM

gitoxide does not detect SHA-1 collision attacks

EPSS 0.02% · 5.8th percentile

Risk Scores

CVSS v3.1

6.800000190734863

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

EPSS Score

0.02%

5.8th percentile

Affected Products

Vendor	Product	Versions
crates.io	gix-blame	0, 0
crates.io	gitoxide-core	0, 0
crates.io	gix-config	0, 0
crates.io	gix-diff	0, 0
crates.io	gix-status	0, 0
crates.io	gix-index	0, 0
GitoxideLabs	gitoxide	< 0.42.0, < 0.42.0
crates.io	gix-object	0, 0
crates.io	gix-worktree-state	0, 0
crates.io	gix-commitgraph	0, 0
crates.io	gix-merge	0, 0
crates.io	gix-dir	0, 0
crates.io	gix-archive	0, 0
crates.io	gix-discover	0, 0
crates.io	gix-fsck	0, 0
crates.io	gix-revision	0, 0
crates.io	gix-traverse	0, 0
crates.io	gix	0, 0
crates.io	gix-worktree	0, 0
crates.io	gix-odb	0, 0

…and 8 more

Timeline

Apr 3, 2025 CVE Published
Apr 3, 2025 PoC Published
Apr 4, 2025 PoC Published
Apr 4, 2025 PoC Published
Apr 5, 2025 EPSS Score
Apr 18, 2025 EPSS Score
Apr 30, 2025 EPSS Score
May 13, 2025 EPSS Score
May 26, 2025 EPSS Score
Jun 8, 2025 EPSS Score
Jun 20, 2025 EPSS Score
Jul 3, 2025 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›